rhsa-2024_3627
Vulnerability from csaf_redhat
Published
2024-06-05 10:05
Modified
2024-12-12 17:58
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)
* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)
* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)
* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)
* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)
* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)
* kernel: use after free in i2c (CVE-2019-25162)
* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)
* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)
* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)
* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)
* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)
* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)
* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)
* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)
* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)
* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)
* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)
* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)
* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)
* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)
* kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153)
* kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)
* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)
* kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)
* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)
* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)
* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)
* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)
* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)
* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)
* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)
* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)
* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)
* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)
* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)
* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-34640)
* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:RHEL-23022)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)\n\n* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)\n\n* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)\n\n* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)\n\n* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)\n\n* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)\n\n* kernel: use after free in i2c (CVE-2019-25162)\n\n* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)\n\n* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)\n\n* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)\n\n* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)\n\n* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)\n\n* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)\n\n* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)\n\n* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)\n\n* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)\n\n* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)\n\n* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)\n\n* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)\n\n* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)\n\n* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)\n\n* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)\n\n* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)\n\n* kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153)\n\n* kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)\n\n* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)\n\n* kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)\n\n* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)\n\n* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)\n\n* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)\n\n* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)\n\n* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)\n\n* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)\n\n* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)\n\n* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)\n\n* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)\n\n* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)\n\n* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)\n\n* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-34640)\n\n* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:RHEL-23022)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:3627", url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2250843", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250843", }, { category: "external", summary: "2257406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257406", }, { category: "external", summary: "2263875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2263875", }, { category: "external", summary: "2265271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265271", }, { category: "external", summary: "2265646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265646", }, { category: "external", summary: "2265654", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265654", }, { category: "external", summary: "2265833", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265833", }, { category: "external", summary: "2266296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266296", }, { category: "external", summary: "2266446", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266446", }, { category: "external", summary: "2266746", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266746", }, { category: "external", summary: "2266841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266841", }, { category: "external", summary: "2267038", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267038", }, { category: "external", summary: "2267185", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267185", }, { category: "external", summary: "2267355", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267355", }, { category: "external", summary: "2267509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267509", }, { category: "external", summary: "2267705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267705", }, { category: "external", summary: "2267724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267724", }, { category: "external", summary: "2267758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267758", }, { category: "external", summary: "2267789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267789", }, { category: "external", summary: "2267797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267797", }, { category: "external", summary: "2267804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267804", }, { category: "external", summary: "2268315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268315", }, { category: "external", summary: "2268317", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268317", }, { category: "external", summary: "2269213", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269213", }, { category: "external", summary: "2269856", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269856", }, { category: "external", summary: "2270080", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270080", }, { category: "external", summary: "2270879", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270879", }, { category: "external", summary: "2270881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270881", }, { category: "external", summary: "2271469", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271469", }, { category: "external", summary: "2271476", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271476", }, { category: "external", summary: "2272780", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272780", }, { category: "external", summary: "2272791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272791", }, { category: "external", summary: "2273092", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273092", }, { category: "external", summary: "2273094", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273094", }, { category: "external", summary: "2273223", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273223", }, { category: "external", summary: "2273260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273260", }, { category: "external", summary: "2273262", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273262", }, { category: "external", summary: "2274624", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274624", }, { category: "external", summary: "2275645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275645", }, { category: "external", summary: "2275655", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275655", }, { category: "external", summary: "2275666", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275666", }, { category: "external", summary: "2275707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275707", }, { category: "external", summary: "2275777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275777", }, { category: "external", summary: "2278169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278169", }, { category: "external", summary: "2278237", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278237", }, { category: "external", summary: "2278240", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278240", }, { category: "external", summary: "2278268", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278268", }, { category: "external", summary: "2278314", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278314", }, { category: "external", summary: "2278356", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278356", }, { category: "external", summary: "2278398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278398", }, { category: "external", summary: "2278409", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278409", }, { category: "external", summary: "2278417", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278417", }, { category: "external", summary: "2278431", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278431", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3627.json", }, ], title: "Red Hat Security Advisory: kernel-rt security and bug fix update", tracking: { current_release_date: "2024-12-12T17:58:46+00:00", generator: { date: "2024-12-12T17:58:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:3627", initial_release_date: "2024-06-05T10:05:30+00:00", revision_history: [ { date: "2024-06-05T10:05:30+00:00", number: "1", summary: "Initial version", }, { date: "2024-06-05T10:05:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-12T17:58:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux NFV (v. 8)", product: { name: "Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::nfv", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux RT (v. 8)", product: { name: "Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::realtime", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", product: { name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", product_id: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt@4.18.0-553.5.1.rt7.346.el8_10?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, { category: "product_version", name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product: { name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_id: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", }, product_reference: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", product_id: "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "NFV-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", }, product_reference: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", product_id: "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", }, product_reference: "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", relates_to_product_reference: "RT-8.10.0.Z.MAIN.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-25162", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-02-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266296", }, ], notes: [ { category: "description", text: "An out-of-bounds (OOB) memory access flaw was found in the i2c driver module in the Linux kernel.", title: "Vulnerability description", }, { category: "summary", text: "kernel: use after free in i2c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-25162", }, { category: "external", summary: "RHBZ#2266296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266296", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-25162", url: "https://www.cve.org/CVERecord?id=CVE-2019-25162", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-25162", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-25162", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022602-CVE-2019-25162-70ae@gregkh/", url: "https://lore.kernel.org/linux-cve-announce/2024022602-CVE-2019-25162-70ae@gregkh/", }, ], release_date: "2024-02-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: use after free in i2c", }, { cve: "CVE-2020-36777", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, discovery_date: "2024-02-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266746", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. A missing memory release in the dvb_media_device_free function in the drivers/media/dvb-core/dvbdev.c file can result in a memory leak.", title: "Vulnerability description", }, { category: "summary", text: "kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()", title: "Vulnerability summary", }, { category: "other", text: "The kernel as shipped by Red Hat Enterprise Linux 9 is not affected by this issue because it already contains the fix.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-36777", }, { category: "external", summary: "RHBZ#2266746", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266746", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-36777", url: "https://www.cve.org/CVERecord?id=CVE-2020-36777", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-36777", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-36777", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-2-gregkh@linuxfoundation.org/T/#u", url: "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-2-gregkh@linuxfoundation.org/T/#u", }, ], release_date: "2024-02-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()", }, { cve: "CVE-2021-46934", cwe: { id: "CWE-703", name: "Improper Check or Handling of Exceptional Conditions", }, discovery_date: "2024-02-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266446", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: validate user data in compat ioctl\n\nWrong user data may cause warning in i2c_transfer(), ex: zero msgs.\nUserspace should not be able to trigger warnings, so this patch adds\nvalidation checks for user data in compact ioctl to prevent reported\nwarnings", title: "Vulnerability description", }, { category: "summary", text: "kernel: i2c: validate user data in compat ioctl", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-46934", }, { category: "external", summary: "RHBZ#2266446", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266446", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-46934", url: "https://www.cve.org/CVERecord?id=CVE-2021-46934", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-46934", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-46934", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46934-79c8@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46934-79c8@gregkh/T/#u", }, ], release_date: "2024-02-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: i2c: validate user data in compat ioctl", }, { cve: "CVE-2021-47013", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-02-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2266841", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the Linux kernel’s Qualcomm Gigabit Ethernet Media Access Controller (EMAC) driver in how a user triggers an error path in the emac_tx_fill_tpd function. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47013", }, { category: "external", summary: "RHBZ#2266841", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2266841", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47013", url: "https://www.cve.org/CVERecord?id=CVE-2021-47013", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47013", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47013", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022831-CVE-2021-47013-034a@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022831-CVE-2021-47013-034a@gregkh/T/#u", }, ], release_date: "2024-02-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send", }, { cve: "CVE-2021-47055", discovery_date: "2024-02-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267185", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux Kernel, requiring write permissions for locking and badblock ioctls, as they modify protection bits.", title: "Vulnerability description", }, { category: "summary", text: "kernel: mtd: require write permissions for locking and badblock ioctls", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 9 is not affected by this vulnerability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47055", }, { category: "external", summary: "RHBZ#2267185", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267185", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47055", url: "https://www.cve.org/CVERecord?id=CVE-2021-47055", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47055", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47055", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47055-6927@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47055-6927@gregkh/T/#u", }, ], release_date: "2024-02-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: mtd: require write permissions for locking and badblock ioctls", }, { cve: "CVE-2021-47118", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2269856", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npid: take a reference when initializing `cad_pid`\n\nDuring boot, kernel_init_freeable() initializes `cad_pid` to the init\ntask's struct pid. Later on, we may change `cad_pid` via a sysctl, and\nwhen this happens proc_do_cad_pid() will increment the refcount on the\nnew pid via get_pid(), and will decrement the refcount on the old pid\nvia put_pid(). As we never called get_pid() when we initialized\n`cad_pid`, we decrement a reference we never incremented, can therefore\nfree the init task's struct pid early. As there can be dangling\nreferences to the struct pid, we can later encounter a use-after-free\n(e.g. when delivering signals).\n\nThis was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to\nhave been around since the conversion of `cad_pid` to struct pid in\ncommit 9ec52099e4b8 (\"[PATCH] replace cad_pid by a struct pid\") from the\npre-KASAN stone age of v2.6.19.\n\nFix this by getting a reference to the init task's struct pid when we\nassign it to `cad_pid`.\n\nFull KASAN splat below.\n\n ==================================================================\n BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]\n BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273\n\n CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n ns_of_pid include/linux/pid.h:153 [inline]\n task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n do_notify_parent+0x308/0xe60 kernel/signal.c:1950\n exit_notify kernel/exit.c:682 [inline]\n do_exit+0x2334/0x2bd0 kernel/exit.c:845\n do_group_exit+0x108/0x2c8 kernel/exit.c:922\n get_signal+0x4e4/0x2a88 kernel/signal.c:2781\n do_signal arch/arm64/kernel/signal.c:882 [inline]\n do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936\n work_pending+0xc/0x2dc\n\n Allocated by task 0:\n slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516\n slab_alloc_node mm/slub.c:2907 [inline]\n slab_alloc mm/slub.c:2915 [inline]\n kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920\n alloc_pid+0xdc/0xc00 kernel/pid.c:180\n copy_process+0x2794/0x5e18 kernel/fork.c:2129\n kernel_clone+0x194/0x13c8 kernel/fork.c:2500\n kernel_thread+0xd4/0x110 kernel/fork.c:2552\n rest_init+0x44/0x4a0 init/main.c:687\n arch_call_rest_init+0x1c/0x28\n start_kernel+0x520/0x554 init/main.c:1064\n 0x0\n\n Freed by task 270:\n slab_free_hook mm/slub.c:1562 [inline]\n slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600\n slab_free mm/slub.c:3161 [inline]\n kmem_cache_free+0x224/0x8e0 mm/slub.c:3177\n put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114\n put_pid+0x30/0x48 kernel/pid.c:109\n proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401\n proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591\n proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617\n call_write_iter include/linux/fs.h:1977 [inline]\n new_sync_write+0x3ac/0x510 fs/read_write.c:518\n vfs_write fs/read_write.c:605 [inline]\n vfs_write+0x9c4/0x1018 fs/read_write.c:585\n ksys_write+0x124/0x240 fs/read_write.c:658\n __do_sys_write fs/read_write.c:670 [inline]\n __se_sys_write fs/read_write.c:667 [inline]\n __arm64_sys_write+0x78/0xb0 fs/read_write.c:667\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]\n el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129\n do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168\n el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416\n el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432\n el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701\n\n The buggy address belongs to the object at ffff23794dda0000\n which belongs to the cache pid of size 224\n The buggy address is located 4 bytes inside of\n 224-byte region [ff\n---truncated---", title: "Vulnerability description", }, { category: "summary", text: "kernel: pid: take a reference when initializing `cad_pid`", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47118", }, { category: "external", summary: "RHBZ#2269856", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269856", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47118", url: "https://www.cve.org/CVERecord?id=CVE-2021-47118", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47118", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47118", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47118-faf2@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47118-faf2@gregkh/T/#u", }, ], release_date: "2024-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: pid: take a reference when initializing `cad_pid`", }, { cve: "CVE-2021-47153", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2271476", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don't generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction.", title: "Vulnerability description", }, { category: "summary", text: "kernel: i2c: i801: Don't generate an interrupt on bus reset", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47153", }, { category: "external", summary: "RHBZ#2271476", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271476", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47153", url: "https://www.cve.org/CVERecord?id=CVE-2021-47153", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47153", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47153", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024032501-CVE-2021-47153-8c75@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024032501-CVE-2021-47153-8c75@gregkh/T", }, ], release_date: "2024-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: i2c: i801: Don't generate an interrupt on bus reset", }, { cve: "CVE-2021-47171", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2271469", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline]\n [<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline]\n [<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: usb: fix memory leak in smsc75xx_bind", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47171", }, { category: "external", summary: "RHBZ#2271469", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2271469", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47171", url: "https://www.cve.org/CVERecord?id=CVE-2021-47171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47171", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47171", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024032536-CVE-2021-47171-f223@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024032536-CVE-2021-47171-f223@gregkh/T", }, ], release_date: "2024-03-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: usb: fix memory leak in smsc75xx_bind", }, { cve: "CVE-2021-47185", cwe: { id: "CWE-1050", name: "Excessive Platform Resource Consumption within a Loop", }, discovery_date: "2024-04-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2274624", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.", title: "Vulnerability description", }, { category: "summary", text: "kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-47185", }, { category: "external", summary: "RHBZ#2274624", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2274624", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-47185", url: "https://www.cve.org/CVERecord?id=CVE-2021-47185", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-47185", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-47185", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041033-CVE-2021-47185-c363@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041033-CVE-2021-47185-c363@gregkh/T", }, ], release_date: "2024-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc", }, { cve: "CVE-2022-48627", cwe: { id: "CWE-1260", name: "Improper Handling of Overlap Between Protected Memory Ranges", }, discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267509", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's virtual terminal driver which causes a memory overlapping copy to occur, this overlapping copy can lead to data corruption and could potentially allow an attacker interacting with a virtual terminal to corrupt or expose system memory.", title: "Vulnerability description", }, { category: "summary", text: "kernel: vt: fix memory overlapping when deleting chars in the buffer", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-48627", }, { category: "external", summary: "RHBZ#2267509", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267509", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-48627", url: "https://www.cve.org/CVERecord?id=CVE-2022-48627", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-48627", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-48627", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2022-48627-c7bf@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2022-48627-c7bf@gregkh/T/#u", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: vt: fix memory overlapping when deleting chars in the buffer", }, { cve: "CVE-2023-6240", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, discovery_date: "2023-11-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2250843", }, ], notes: [ { category: "description", text: "A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-6240", }, { category: "external", summary: "RHBZ#2250843", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2250843", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-6240", url: "https://www.cve.org/CVERecord?id=CVE-2023-6240", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-6240", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-6240", }, { category: "external", summary: "https://people.redhat.com/~hkario/marvin/", url: "https://people.redhat.com/~hkario/marvin/", }, { category: "external", summary: "https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/", url: "https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/", }, ], release_date: "2023-09-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation", }, { cve: "CVE-2023-52439", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-02-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2265271", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel’s uio subsystem. A use-after-free memory flaw in the uio_open functionality allows a local user to crash or escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: uio: Fix use-after-free in uio_open", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52439", }, { category: "external", summary: "RHBZ#2265271", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265271", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52439", url: "https://www.cve.org/CVERecord?id=CVE-2023-52439", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52439", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52439", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022026-wobbling-jumbo-748e@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022026-wobbling-jumbo-748e@gregkh/T/#u", }, ], release_date: "2024-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "To mitigate this issue, prevent module uio from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: uio: Fix use-after-free in uio_open", }, { cve: "CVE-2023-52445", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2265654", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix use after free on context disconnection\n\nUpon module load, a kthread is created targeting the\npvr2_context_thread_func function, which may call pvr2_context_destroy\nand thus call kfree() on the context object. However, that might happen\nbefore the usb hub_event handler is able to notify the driver. This\npatch adds a sanity check before the invalid read reported by syzbot,\nwithin the context disconnection call stack.", title: "Vulnerability description", }, { category: "summary", text: "kernel: pvrusb2: fix use after free on context disconnection", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52445", }, { category: "external", summary: "RHBZ#2265654", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265654", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52445", url: "https://www.cve.org/CVERecord?id=CVE-2023-52445", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52445", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52445", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2023-52445-07a6@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2023-52445-07a6@gregkh/T/#u", }, ], release_date: "2024-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: pvrusb2: fix use after free on context disconnection", }, { cve: "CVE-2023-52477", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-02-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267038", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: hub: Guard against accesses to uninitialized BOS descriptors\n\nMany functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h\naccess fields inside udev->bos without checking if it was allocated and\ninitialized. If usb_get_bos_descriptor() fails for whatever\nreason, udev->bos will be NULL and those accesses will result in a\ncrash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000018\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 5 PID: 17818 Comm: kworker/5:1 Tainted: G W 5.15.108-18910-gab0e1cb584e1 #1 <HASH:1f9e 1>\nHardware name: Google Kindred/Kindred, BIOS Google_Kindred.12672.413.0 02/03/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:hub_port_reset+0x193/0x788\nCode: 89 f7 e8 20 f7 15 00 48 8b 43 08 80 b8 96 03 00 00 03 75 36 0f b7 88 92 03 00 00 81 f9 10 03 00 00 72 27 48 8b 80 a8 03 00 00 <48> 83 78 18 00 74 19 48 89 df 48 8b 75 b0 ba 02 00 00 00 4c 89 e9\nRSP: 0018:ffffab740c53fcf8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa1bc5f678000 RCX: 0000000000000310\nRDX: fffffffffffffdff RSI: 0000000000000286 RDI: ffffa1be9655b840\nRBP: ffffab740c53fd70 R08: 00001b7d5edaa20c R09: ffffffffb005e060\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: ffffab740c53fd3e R14: 0000000000000032 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffffa1be96540000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000018 CR3: 000000022e80c005 CR4: 00000000003706e0\nCall Trace:\nhub_event+0x73f/0x156e\n? hub_activate+0x5b7/0x68f\nprocess_one_work+0x1a2/0x487\nworker_thread+0x11a/0x288\nkthread+0x13a/0x152\n? process_one_work+0x487/0x487\n? kthread_associate_blkcg+0x70/0x70\nret_from_fork+0x1f/0x30\n\nFall back to a default behavior if the BOS descriptor isn't accessible\nand skip all the functionalities that depend on it: LPM support checks,\nSuper Speed capabilitiy checks, U1/U2 states setup.", title: "Vulnerability description", }, { category: "summary", text: "kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52477", }, { category: "external", summary: "RHBZ#2267038", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267038", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52477", url: "https://www.cve.org/CVERecord?id=CVE-2023-52477", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52477", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52477", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022921-CVE-2023-52477-6f20@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022921-CVE-2023-52477-6f20@gregkh/T/#u", }, ], release_date: "2024-02-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors", }, { cve: "CVE-2023-52513", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267804", }, ], notes: [ { category: "description", text: "A NULL dereference vulnerability was found in the Linux kernel, which is caused when the siw_cm_work_handler() function attempts to dereference a NULL listener that may be created when immediate MPA request processing fails and the newly created endpoint unlinks the listening endpoint ready to be dropped.", title: "Vulnerability description", }, { category: "summary", text: "kernel: RDMA/siw: Fix connection failure handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52513", }, { category: "external", summary: "RHBZ#2267804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52513", url: "https://www.cve.org/CVERecord?id=CVE-2023-52513", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52513", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52513", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52513-5224@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52513-5224@gregkh/T/#u", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: RDMA/siw: Fix connection failure handling", }, { cve: "CVE-2023-52520", discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267797", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: think-lmi: Fix reference leak\n\nIf a duplicate attribute is found using kset_find_obj(), a reference\nto that attribute is returned which needs to be disposed accordingly\nusing kobject_put(). Move the setting name validation into a separate\nfunction to allow for this change without having to duplicate the\ncleanup code for this setting.\nAs a side note, a very similar bug was fixed in\ncommit 7295a996fdab (\"platform/x86: dell-sysman: Fix reference leak\"),\nso it seems that the bug was copied from that driver.\n\nCompile-tested only.", title: "Vulnerability description", }, { category: "summary", text: "kernel: platform/x86: think-lmi: Fix reference leak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52520", }, { category: "external", summary: "RHBZ#2267797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267797", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52520", url: "https://www.cve.org/CVERecord?id=CVE-2023-52520", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52520", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52520", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52520-0a4e@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52520-0a4e@gregkh/T/#u", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: platform/x86: think-lmi: Fix reference leak", }, { cve: "CVE-2023-52528", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267789", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg\n\nsyzbot reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\nBUG: KMSAN: uninit-value in smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\nCPU: 0 PID: 8696 Comm: kworker/0:3 Not tainted 5.8.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x21c/0x280 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\n smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\n usbnet_probe+0x1152/0x3f90 drivers/net/usb/usbnet.c:1737\n usb_probe_interface+0xece/0x1550 drivers/usb/core/driver.c:374\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_set_configuration+0x380f/0x3f10 drivers/usb/core/message.c:2032\n usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:241\n usb_probe_device+0x311/0x490 drivers/usb/core/driver.c:272\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2554\n hub_port_connect drivers/usb/core/hub.c:5208 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]\n port_event drivers/usb/core/hub.c:5494 [inline]\n hub_event+0x5e7b/0x8a70 drivers/usb/core/hub.c:5576\n process_one_work+0x1688/0x2140 kernel/workqueue.c:2269\n worker_thread+0x10bc/0x2730 kernel/workqueue.c:2415\n kthread+0x551/0x590 kernel/kthread.c:292\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293\n\nLocal variable ----buf.i87@smsc75xx_bind created at:\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n\nThis issue is caused because usbnet_read_cmd() reads less bytes than requested\n(zero byte in the reproducer). In this case, 'buf' is not properly filled.\n\nThis patch fixes the issue by returning -ENODATA if usbnet_read_cmd() reads\nless bytes than requested.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52528", }, { category: "external", summary: "RHBZ#2267789", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267789", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52528", url: "https://www.cve.org/CVERecord?id=CVE-2023-52528", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52528", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52528", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52528-c33b@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52528-c33b@gregkh/T/#u", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg", }, { cve: "CVE-2023-52565", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267724", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix OOB read\n\nIf the index provided by the user is bigger than the mask size, we might do\nan out of bound read.", title: "Vulnerability description", }, { category: "summary", text: "kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52565", }, { category: "external", summary: "RHBZ#2267724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267724", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52565", url: "https://www.cve.org/CVERecord?id=CVE-2023-52565", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52565", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52565", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52565-07ce@gregkh/", url: "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52565-07ce@gregkh/", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()", }, { cve: "CVE-2023-52578", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-03-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267758", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: use DEV_STATS_INC()\n\nsyzbot/KCSAN reported data-races in br_handle_frame_finish() [1]\nThis function can run from multiple cpus without mutual exclusion.\n\nAdopt SMP safe DEV_STATS_INC() to update dev->stats fields.\n\nHandles updates to dev->stats.tx_dropped while we are at it.\n\n[1]\nBUG: KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish\n\nread-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 1:\nbr_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189\nbr_nf_hook_thresh+0x1ed/0x220\nbr_nf_pre_routing_finish_ipv6+0x50f/0x540\nNF_HOOK include/linux/netfilter.h:304 [inline]\nbr_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178\nbr_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508\nnf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]\nnf_hook_bridge_pre net/bridge/br_input.c:272 [inline]\nbr_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417\n__netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417\n__netif_receive_skb_one_core net/core/dev.c:5521 [inline]\n__netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637\nprocess_backlog+0x21f/0x380 net/core/dev.c:5965\n__napi_poll+0x60/0x3b0 net/core/dev.c:6527\nnapi_poll net/core/dev.c:6594 [inline]\nnet_rx_action+0x32b/0x750 net/core/dev.c:6727\n__do_softirq+0xc1/0x265 kernel/softirq.c:553\nrun_ksoftirqd+0x17/0x20 kernel/softirq.c:921\nsmpboot_thread_fn+0x30a/0x4a0 kernel/smpboot.c:164\nkthread+0x1d7/0x210 kernel/kthread.c:388\nret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nread-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 0:\nbr_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189\nbr_nf_hook_thresh+0x1ed/0x220\nbr_nf_pre_routing_finish_ipv6+0x50f/0x540\nNF_HOOK include/linux/netfilter.h:304 [inline]\nbr_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178\nbr_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508\nnf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]\nnf_hook_bridge_pre net/bridge/br_input.c:272 [inline]\nbr_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417\n__netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417\n__netif_receive_skb_one_core net/core/dev.c:5521 [inline]\n__netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637\nprocess_backlog+0x21f/0x380 net/core/dev.c:5965\n__napi_poll+0x60/0x3b0 net/core/dev.c:6527\nnapi_poll net/core/dev.c:6594 [inline]\nnet_rx_action+0x32b/0x750 net/core/dev.c:6727\n__do_softirq+0xc1/0x265 kernel/softirq.c:553\ndo_softirq+0x5e/0x90 kernel/softirq.c:454\n__local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381\n__raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]\n_raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210\nspin_unlock_bh include/linux/spinlock.h:396 [inline]\nbatadv_tt_local_purge+0x1a8/0x1f0 net/batman-adv/translation-table.c:1356\nbatadv_tt_purge+0x2b/0x630 net/batman-adv/translation-table.c:3560\nprocess_one_work kernel/workqueue.c:2630 [inline]\nprocess_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2703\nworker_thread+0x525/0x730 kernel/workqueue.c:2784\nkthread+0x1d7/0x210 kernel/kthread.c:388\nret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nvalue changed: 0x00000000000d7190 -> 0x00000000000d7191\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 14848 Comm: kworker/u4:11 Not tainted 6.6.0-rc1-syzkaller-00236-gad8a69f361b9 #0", title: "Vulnerability description", }, { category: "summary", text: "kernel: net: bridge: data races indata-races in br_handle_frame_finish()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52578", }, { category: "external", summary: "RHBZ#2267758", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267758", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52578", url: "https://www.cve.org/CVERecord?id=CVE-2023-52578", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52578", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52578", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030257-CVE-2023-52578-50cb@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024030257-CVE-2023-52578-50cb@gregkh/T/#u", }, ], release_date: "2024-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: net: bridge: data races indata-races in br_handle_frame_finish()", }, { cve: "CVE-2023-52594", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268317", }, ], notes: [ { category: "description", text: "A potential array-index-out-of-bounds read flaw was found in the Linux kernel in ath9k_htc_txstatus(). This issue may lead to a crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52594", }, { category: "external", summary: "RHBZ#2268317", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268317", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52594", url: "https://www.cve.org/CVERecord?id=CVE-2023-52594", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52594", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52594", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52594-9b84@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52594-9b84@gregkh/T", }, ], release_date: "2024-03-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()", }, { cve: "CVE-2023-52595", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2024-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2268315", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in the hardware interface. However, mac80211 will not automatically stop the queue. If the beacon queue is not manually stopped, it will be deadlocked and unable to restart.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: rt2x00: restart beacon queue when hardware reset", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52595", }, { category: "external", summary: "RHBZ#2268315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2268315", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52595", url: "https://www.cve.org/CVERecord?id=CVE-2023-52595", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52595", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52595", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52595-d018@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52595-d018@gregkh/T", }, ], release_date: "2024-03-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: rt2x00: restart beacon queue when hardware reset", }, { cve: "CVE-2023-52610", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-03-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270080", }, ], notes: [ { category: "description", text: "A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user to crash or potentially escalate their privileges on the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/sched: act_ct: fix skb leak and crash on ooo frags", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-52610", }, { category: "external", summary: "RHBZ#2270080", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270080", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-52610", url: "https://www.cve.org/CVERecord?id=CVE-2023-52610", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-52610", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-52610", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-10-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-10-lee@kernel.org/T", }, ], release_date: "2024-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "To mitigate this issue, prevent the Conntrack module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/sched: act_ct: fix skb leak and crash on ooo frags", }, { cve: "CVE-2024-0340", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2024-01-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2257406", }, ], notes: [ { category: "description", text: "A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-0340", }, { category: "external", summary: "RHBZ#2257406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2257406", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-0340", url: "https://www.cve.org/CVERecord?id=CVE-2024-0340", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-0340", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-0340", }, { category: "external", summary: "https://lore.kernel.org/lkml/5kn47peabxjrptkqa6dwtyus35ahf4pcj4qm4pumse33kxqpjw@mec4se5relrc/T/", url: "https://lore.kernel.org/lkml/5kn47peabxjrptkqa6dwtyus35ahf4pcj4qm4pumse33kxqpjw@mec4se5relrc/T/", }, ], release_date: "2023-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()", }, { cve: "CVE-2024-23307", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2024-03-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267705", }, ], notes: [ { category: "description", text: "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.", title: "Vulnerability description", }, { category: "summary", text: "kernel: Integer Overflow in raid5_cache_count", title: "Vulnerability summary", }, { category: "other", text: "Red Hat has protection mechanisms in place against buffer overflows, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-23307", }, { category: "external", summary: "RHBZ#2267705", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267705", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-23307", url: "https://www.cve.org/CVERecord?id=CVE-2024-23307", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-23307", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-23307", }, { category: "external", summary: "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975", url: "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975", }, { category: "external", summary: "https://lore.kernel.org/linux-raid/20240112071017.16313-1-2045gemini@gmail.com/#r", url: "https://lore.kernel.org/linux-raid/20240112071017.16313-1-2045gemini@gmail.com/#r", }, { category: "external", summary: "https://patchwork.kernel.org/project/linux-raid/patch/20240112071017.16313-1-2045gemini@gmail.com/", url: "https://patchwork.kernel.org/project/linux-raid/patch/20240112071017.16313-1-2045gemini@gmail.com/", }, ], release_date: "2024-01-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: Integer Overflow in raid5_cache_count", }, { cve: "CVE-2024-25744", discovery_date: "2024-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2263875", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side.", title: "Vulnerability description", }, { category: "summary", text: "kernel: untrusted VMM can trigger int80 syscall handling", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-25744", }, { category: "external", summary: "RHBZ#2263875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2263875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-25744", url: "https://www.cve.org/CVERecord?id=CVE-2024-25744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-25744", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-25744", }, { category: "external", summary: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b82a8dbd3d2f4563156f7150c6f2ecab6e960b30", url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b82a8dbd3d2f4563156f7150c6f2ecab6e960b30", }, ], release_date: "2024-02-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "This vulnerability can be mitigated by disabling 32-bit emulation by default for TDX and SEV. The user can override it with the ia32_emulation=y command line option.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: untrusted VMM can trigger int80 syscall handling", }, { cve: "CVE-2024-26593", discovery_date: "2024-02-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2265646", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Fix block process call transactions\n\nAccording to the Intel datasheets, software must reset the block\nbuffer index twice for block process call transactions: once before\nwriting the outgoing data to the buffer, and once again before\nreading the incoming data from the buffer.\n\nThe driver is currently missing the second reset, causing the wrong\nportion of the block buffer to be read.", title: "Vulnerability description", }, { category: "summary", text: "kernel: i2c: i801: Fix block process call transactions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26593", }, { category: "external", summary: "RHBZ#2265646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265646", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26593", url: "https://www.cve.org/CVERecord?id=CVE-2024-26593", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26593", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26593", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022315-CVE-2024-26593-9d89@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022315-CVE-2024-26593-9d89@gregkh/T/#u", }, ], release_date: "2024-02-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "To mitigate this issue, prevent module i2c-i801 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: i2c: i801: Fix block process call transactions", }, { cve: "CVE-2024-26603", cwe: { id: "CWE-835", name: "Loop with Unreachable Exit Condition ('Infinite Loop')", }, discovery_date: "2024-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2265833", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel's x86/fpu module, which revolves around an issue with relying on user space for critical information regarding the xsave buffer. In the affected scenario, the expected size of the user space buffer is derived from user-controlled data, specifically, fx_sw->xstate_size. By manipulating this value, an attacker could construct a malicious sigreturn frame where the indicated size is smaller than required by valid bits in fx_sw->xfeatures. Furthermore, the attacker could unmap portions of the fpu buffer in the user space, rendering them inaccessible to xrstor.\r\n\r\nThis manipulation leads to a situation where xrstor repeatedly attempts to restore and access an unmapped area, causing a fault. However, the fault_in_readable function erroneously succeeds because the accessed region, buf + fx_sw->xstate_size, remains within the mapped area. Consequently, the system enters a perpetual loop as xrstor continually retries the operation.", title: "Vulnerability description", }, { category: "summary", text: "kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability, while technically significant due to its potential for exploitation, is classified as Low severity for several reasons. First, successful exploitation requires a precise set of conditions, including the ability to manipulate the fx_sw->xstate_size parameter, which may not always be feasible. Additionally, the exploit's impact is limited to a specific subsystem (x86/fpu) within the Linux kernel, thereby reducing its overall scope and potential for widespread harm. Moreover, the loop resulting from the fault condition does not result in a system compromise or escalation of privileges but rather leads to a denial-of-service situation, which can be mitigated through a system reboot or other administrative actions.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26603", }, { category: "external", summary: "RHBZ#2265833", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2265833", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26603", url: "https://www.cve.org/CVERecord?id=CVE-2024-26603", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26603", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26603", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2@gregkh/T/#u", url: "https://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2@gregkh/T/#u", }, ], release_date: "2024-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever", }, { cve: "CVE-2024-26610", cwe: { id: "CWE-680", name: "Integer Overflow to Buffer Overflow", }, discovery_date: "2024-02-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2269213", }, ], notes: [ { category: "description", text: "A memory corruption flaw was found in the Linux kernel Intel Wireless WiFi Next Gen AGN module. This issue could allow a local user to crash the system.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: fix a memory corruption", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 9 is not affected by this vulnerability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26610", }, { category: "external", summary: "RHBZ#2269213", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269213", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26610", url: "https://www.cve.org/CVERecord?id=CVE-2024-26610", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26610", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26610", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-42-lee@kernel.org/T", url: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-42-lee@kernel.org/T", }, ], release_date: "2024-02-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "To mitigate this issue, prevent the iwlwifi module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: iwlwifi: fix a memory corruption", }, { cve: "CVE-2024-26615", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-02-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2267355", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel in which functions providing information about SMC-D connections caused a NULL pointer dereference. This flaw allows an attacker with permission to read this information to cause a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26615", }, { category: "external", summary: "RHBZ#2267355", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2267355", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26615", url: "https://www.cve.org/CVERecord?id=CVE-2024-26615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26615", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26615", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-47-lee@kernel.org/T/#u", url: "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-47-lee@kernel.org/T/#u", }, ], release_date: "2024-02-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump", }, { cve: "CVE-2024-26642", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270881", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: disallow anonymous set with timeout flag", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26642", }, { category: "external", summary: "RHBZ#2270881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270881", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26642", url: "https://www.cve.org/CVERecord?id=CVE-2024-26642", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26642", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26642", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26642-3549@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26642-3549@gregkh/T", }, ], release_date: "2024-03-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: netfilter: nf_tables: disallow anonymous set with timeout flag", }, { cve: "CVE-2024-26643", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270879", }, ], notes: [ { category: "description", text: "A vulnerability was found in the netfilter/nf_tables subsystem of Linux Kernel, where a race condition caused where the garbage collector could prematurely collect elements from anonymous sets with timeouts while they were being released.", title: "Vulnerability description", }, { category: "summary", text: "kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26643", }, { category: "external", summary: "RHBZ#2270879", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270879", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26643", url: "https://www.cve.org/CVERecord?id=CVE-2024-26643", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26643", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26643", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26643-4f9d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26643-4f9d@gregkh/T", }, ], release_date: "2024-03-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout", }, { cve: "CVE-2024-26659", cwe: { id: "CWE-119", name: "Improper Restriction of Operations within the Bounds of a Memory Buffer", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272780", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel related to the Extensible Host Controller Interface (xHCI) subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous (isoc) Babble and Buffer Overrun events. The vulnerability occurs because the xHCI driver incorrectly assumes that the xHC (host controller) has released its ownership of a multi-TRB (Transfer Request Block) TD (Transfer Descriptor) after reporting an error on an early TRB. This assumption leads to the premature release of the TD, allowing remaining TRBs to be freed or overwritten, which can cause system instability or crashes.", title: "Vulnerability description", }, { category: "summary", text: "kernel: xhci: handle isoc Babble and Buffer Overrun events properly", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has classified the severity of this vulnerability as Moderate due to the specific prerequisites required for exploitation. Successful exploitation generally necessitates local access to the system with elevated permissions to interact with the Extensible Host Controller Interface (xHCI) driver, which effectively translates to root-level access.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26659", }, { category: "external", summary: "RHBZ#2272780", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272780", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26659", url: "https://www.cve.org/CVERecord?id=CVE-2024-26659", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26659", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26659", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26659-e4f6@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26659-e4f6@gregkh/T", }, ], release_date: "2024-04-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "There is no known mitigation to this problem. Red Hat recommends updating to the latest kernel version to fix the problem.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: xhci: handle isoc Babble and Buffer Overrun events properly", }, { cve: "CVE-2024-26664", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2272791", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (coretemp) Fix out-of-bounds memory access\n\nFix a bug that pdata->cpu_map[] is set before out-of-bounds check.\nThe problem might be triggered on systems with more than 128 cores per\npackage.", title: "Vulnerability description", }, { category: "summary", text: "kernel: hwmon: (coretemp) Fix out-of-bounds memory access", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26664", }, { category: "external", summary: "RHBZ#2272791", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2272791", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26664", url: "https://www.cve.org/CVERecord?id=CVE-2024-26664", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26664", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26664", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040223-CVE-2024-26664-03db@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040223-CVE-2024-26664-03db@gregkh/T", }, ], release_date: "2024-04-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: hwmon: (coretemp) Fix out-of-bounds memory access", }, { cve: "CVE-2024-26693", cwe: { id: "CWE-99", name: "Improper Control of Resource Identifiers ('Resource Injection')", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273094", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's iwlwifi driver, which can result in a crash due to improper handling of station data (STA) when the system runs out of available stations in the firmware. This could lead to a denial of service (Dos) which crashes the Access Point (AP).", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: mvm: fix a crash when we run out of stations", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26693", }, { category: "external", summary: "RHBZ#2273094", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273094", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26693", url: "https://www.cve.org/CVERecord?id=CVE-2024-26693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26693", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26693", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26693-9c3b@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26693-9c3b@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: iwlwifi: mvm: fix a crash when we run out of stations", }, { cve: "CVE-2024-26694", cwe: { id: "CWE-415", name: "Double Free", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273092", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's iwlwifi driver, where the TLV PC register data being freed is not properly marked as NULL afterwards, resulting in a double-free issue. This could lead to memory corruption or crashes.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: fix double-free bug", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26694", }, { category: "external", summary: "RHBZ#2273092", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273092", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26694", url: "https://www.cve.org/CVERecord?id=CVE-2024-26694", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26694", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26694", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26694-b216@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26694-b216@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: iwlwifi: fix double-free bug", }, { cve: "CVE-2024-26743", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273262", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix qedr_create_user_qp error flow\n\nAvoid the following warning by making sure to free the allocated\nresources in case that qedr_init_user_queue() fail.\n\n-----------[ cut here ]-----------\nWARNING: CPU: 0 PID: 143192 at drivers/infiniband/core/rdma_core.c:874 uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nModules linked in: tls target_core_user uio target_core_pscsi target_core_file target_core_iblock ib_srpt ib_srp scsi_transport_srp nfsd nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs 8021q garp mrp stp llc ext4 mbcache jbd2 opa_vnic ib_umad ib_ipoib sunrpc rdma_ucm ib_isert iscsi_target_mod target_core_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm hfi1 intel_rapl_msr intel_rapl_common mgag200 qedr sb_edac drm_shmem_helper rdmavt x86_pkg_temp_thermal drm_kms_helper intel_powerclamp ib_uverbs coretemp i2c_algo_bit kvm_intel dell_wmi_descriptor ipmi_ssif sparse_keymap kvm ib_core rfkill syscopyarea sysfillrect video sysimgblt irqbypass ipmi_si ipmi_devintf fb_sys_fops rapl iTCO_wdt mxm_wmi iTCO_vendor_support intel_cstate pcspkr dcdbas intel_uncore ipmi_msghandler lpc_ich acpi_power_meter mei_me mei fuse drm xfs libcrc32c qede sd_mod ahci libahci t10_pi sg crct10dif_pclmul crc32_pclmul crc32c_intel qed libata tg3\nghash_clmulni_intel megaraid_sas crc8 wmi [last unloaded: ib_srpt]\nCPU: 0 PID: 143192 Comm: fi_rdm_tagged_p Kdump: loaded Not tainted 5.14.0-408.el9.x86_64 #1\nHardware name: Dell Inc. PowerEdge R430/03XKDV, BIOS 2.14.0 01/25/2022\nRIP: 0010:uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nCode: 5d 41 5c 41 5d 41 5e e9 0f 26 1b dd 48 89 df e8 67 6a ff ff 49 8b 86 10 01 00 00 48 85 c0 74 9c 4c 89 e7 e8 83 c0 cb dd eb 92 <0f> 0b eb be 0f 0b be 04 00 00 00 48 89 df e8 8e f5 ff ff e9 6d ff\nRSP: 0018:ffffb7c6cadfbc60 EFLAGS: 00010286\nRAX: ffff8f0889ee3f60 RBX: ffff8f088c1a5200 RCX: 00000000802a0016\nRDX: 00000000802a0017 RSI: 0000000000000001 RDI: ffff8f0880042600\nRBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\nR10: ffff8f11fffd5000 R11: 0000000000039000 R12: ffff8f0d5b36cd80\nR13: ffff8f088c1a5250 R14: ffff8f1206d91000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8f11d7c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000147069200e20 CR3: 00000001c7210002 CR4: 00000000001706f0\nCall Trace:\n<TASK>\n? show_trace_log_lvl+0x1c4/0x2df\n? show_trace_log_lvl+0x1c4/0x2df\n? ib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? __warn+0x81/0x110\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? report_bug+0x10a/0x140\n? handle_bug+0x3c/0x70\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n__fput+0x94/0x250\ntask_work_run+0x5c/0x90\ndo_exit+0x270/0x4a0\ndo_group_exit+0x2d/0x90\nget_signal+0x87c/0x8c0\narch_do_signal_or_restart+0x25/0x100\n? ib_uverbs_ioctl+0xc2/0x110 [ib_uverbs]\nexit_to_user_mode_loop+0x9c/0x130\nexit_to_user_mode_prepare+0xb6/0x100\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\n? common_interrupt+0x43/0xa0\nentry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x1470abe3ec6b\nCode: Unable to access opcode bytes at RIP 0x1470abe3ec41.\nRSP: 002b:00007fff13ce9108 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: fffffffffffffffc RBX: 00007fff13ce9218 RCX: 00001470abe3ec6b\nRDX: 00007fff13ce9200 RSI: 00000000c0181b01 RDI: 0000000000000004\nRBP: 00007fff13ce91e0 R08: 0000558d9655da10 R09: 0000558d9655dd00\nR10: 00007fff13ce95c0 R11: 0000000000000246 R12: 00007fff13ce9358\nR13: 0000000000000013 R14: 0000558d9655db50 R15: 00007fff13ce9470\n</TASK>\n--[ end trace 888a9b92e04c5c97 ]--", title: "Vulnerability description", }, { category: "summary", text: "kernel: RDMA/qedr: Fix qedr_create_user_qp error flow", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26743", }, { category: "external", summary: "RHBZ#2273262", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273262", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26743", url: "https://www.cve.org/CVERecord?id=CVE-2024-26743", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26743", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26743", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26743-6034@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26743-6034@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: RDMA/qedr: Fix qedr_create_user_qp error flow", }, { cve: "CVE-2024-26744", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273260", }, ], notes: [ { category: "description", text: "A flaw was foundin the Linux Kernel when specifying the srpt_service_guid parameter, which may lead to kernel crash.", title: "Vulnerability description", }, { category: "summary", text: "kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26744", }, { category: "external", summary: "RHBZ#2273260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273260", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26744", url: "https://www.cve.org/CVERecord?id=CVE-2024-26744", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26744", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26744", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26744-d344@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26744-d344@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter", }, { cve: "CVE-2024-26779", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-04-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2273223", }, ], notes: [ { category: "description", text: "A vulnerability was found in the mac80211 driver in the Linux kernel. This issue could lead to potential crashes or memory corruption due to of a situation where the driver attempts to utilize data structures that haven't been fully initialized yet.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: mac80211: fix race condition on enabling fast-xmit", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26779", }, { category: "external", summary: "RHBZ#2273223", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2273223", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26779", url: "https://www.cve.org/CVERecord?id=CVE-2024-26779", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26779", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26779", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024040310-CVE-2024-26779-8030@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024040310-CVE-2024-26779-8030@gregkh/T", }, ], release_date: "2024-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: mac80211: fix race condition on enabling fast-xmit", }, { cve: "CVE-2024-26872", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275707", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Do not register event handler until srpt device is fully setup\n\nUpon rare occasions, KASAN reports a use-after-free Write\nin srpt_refresh_port().\n\nThis seems to be because an event handler is registered before the\nsrpt device is fully setup and a race condition upon error may leave a\npartially setup event handler in place.\n\nInstead, only register the event handler after srpt device initialization\nis complete.", title: "Vulnerability description", }, { category: "summary", text: "kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26872", }, { category: "external", summary: "RHBZ#2275707", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275707", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26872", url: "https://www.cve.org/CVERecord?id=CVE-2024-26872", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26872", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26872", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26872-2d38@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26872-2d38@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup", }, { cve: "CVE-2024-26892", cwe: { id: "CWE-416", name: "Use After Free", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275666", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921e: fix use-after-free in free_irq()\n\nFrom commit a304e1b82808 (\"[PATCH] Debug shared irqs\"), there is a test\nto make sure the shared irq handler should be able to handle the unexpected\nevent after deregistration. For this case, let's apply MT76_REMOVED flag to\nindicate the device was removed and do not run into the resource access\nanymore.\n\nBUG: KASAN: use-after-free in mt7921_irq_handler+0xd8/0x100 [mt7921e]\nRead of size 8 at addr ffff88824a7d3b78 by task rmmod/11115\nCPU: 28 PID: 11115 Comm: rmmod Tainted: G W L 5.17.0 #10\nHardware name: Micro-Star International Co., Ltd. MS-7D73/MPG B650I\nEDGE WIFI (MS-7D73), BIOS 1.81 01/05/2024\nCall Trace:\n <TASK>\n dump_stack_lvl+0x6f/0xa0\n print_address_description.constprop.0+0x1f/0x190\n ? mt7921_irq_handler+0xd8/0x100 [mt7921e]\n ? mt7921_irq_handler+0xd8/0x100 [mt7921e]\n kasan_report.cold+0x7f/0x11b\n ? mt7921_irq_handler+0xd8/0x100 [mt7921e]\n mt7921_irq_handler+0xd8/0x100 [mt7921e]\n free_irq+0x627/0xaa0\n devm_free_irq+0x94/0xd0\n ? devm_request_any_context_irq+0x160/0x160\n ? kobject_put+0x18d/0x4a0\n mt7921_pci_remove+0x153/0x190 [mt7921e]\n pci_device_remove+0xa2/0x1d0\n __device_release_driver+0x346/0x6e0\n driver_detach+0x1ef/0x2c0\n bus_remove_driver+0xe7/0x2d0\n ? __check_object_size+0x57/0x310\n pci_unregister_driver+0x26/0x250\n __do_sys_delete_module+0x307/0x510\n ? free_module+0x6a0/0x6a0\n ? fpregs_assert_state_consistent+0x4b/0xb0\n ? rcu_read_lock_sched_held+0x10/0x70\n ? syscall_enter_from_user_mode+0x20/0x70\n ? trace_hardirqs_on+0x1c/0x130\n do_syscall_64+0x5c/0x80\n ? trace_hardirqs_on_prepare+0x72/0x160\n ? do_syscall_64+0x68/0x80\n ? trace_hardirqs_on_prepare+0x72/0x160\n entry_SYSCALL_64_after_hwframe+0x44/0xae", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26892", }, { category: "external", summary: "RHBZ#2275666", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275666", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26892", url: "https://www.cve.org/CVERecord?id=CVE-2024-26892", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26892", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26892", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041743-CVE-2024-26892-809e@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041743-CVE-2024-26892-809e@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq()", }, { cve: "CVE-2024-26897", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275655", }, ], notes: [ { category: "description", text: "A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9k_htc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events. The problem occurs because the device is exposed to the USB subsystem before the ath9k driver finishes initializing critical data structures.\nThis can lead to NULL pointer dereferences, which cause system crashes, particularly when running specific commands or handling events during WiFi operations. A partial fix had been applied earlier to prevent one aspect of this issue, but further problems were identified. The final resolution was to delay all event handling in the ath9k_wmi_event_tasklet() function until initialization is fully complete, ensuring stability.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26897", }, { category: "external", summary: "RHBZ#2275655", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275655", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26897", url: "https://www.cve.org/CVERecord?id=CVE-2024-26897", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26897", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26897", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041744-CVE-2024-26897-5382@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041744-CVE-2024-26897-5382@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete", }, { cve: "CVE-2024-26901", cwe: { id: "CWE-402", name: "Transmission of Private Resources into a New Sphere ('Resource Leak')", }, discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275645", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever's suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.", title: "Vulnerability description", }, { category: "summary", text: "kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26901", }, { category: "external", summary: "RHBZ#2275645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275645", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26901", url: "https://www.cve.org/CVERecord?id=CVE-2024-26901", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26901", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26901", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26901-34e7@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26901-34e7@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak", }, { cve: "CVE-2024-26919", discovery_date: "2024-04-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2275777", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: Fix debugfs directory leak\n\nThe ULPI per-device debugfs root is named after the ulpi device's\nparent, but ulpi_unregister_interface tries to remove a debugfs\ndirectory named after the ulpi device itself. This results in the\ndirectory sticking around and preventing subsequent (deferred) probes\nfrom succeeding. Change the directory name to match the ulpi device.", title: "Vulnerability description", }, { category: "summary", text: "kernel: usb: ulpi: Fix debugfs directory leak", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26919", }, { category: "external", summary: "RHBZ#2275777", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2275777", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26919", url: "https://www.cve.org/CVERecord?id=CVE-2024-26919", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26919", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26919", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26919-5100@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26919-5100@gregkh/T", }, ], release_date: "2024-04-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: usb: ulpi: Fix debugfs directory leak", }, { cve: "CVE-2024-26933", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278240", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in port \"disable\" sysfs attribute\n\nThe show and store callback routines for the \"disable\" sysfs attribute\nfile in port.c acquire the device lock for the port's parent hub\ndevice. This can cause problems if another process has locked the hub\nto remove it or change its configuration:\n\n\tRemoving the hub or changing its configuration requires the\n\thub interface to be removed, which requires the port device\n\tto be removed, and device_del() waits until all outstanding\n\tsysfs attribute callbacks for the ports have returned. The\n\tlock can't be released until then.\n\n\tBut the disable_show() or disable_store() routine can't return\n\tuntil after it has acquired the lock.\n\nThe resulting deadlock can be avoided by calling\nsysfs_break_active_protection(). This will cause the sysfs core not\nto wait for the attribute's callback routine to return, allowing the\nremoval to proceed. The disadvantage is that after making this call,\nthere is no guarantee that the hub structure won't be deallocated at\nany moment. To prevent this, we have to acquire a reference to it\nfirst by calling hub_get().", title: "Vulnerability description", }, { category: "summary", text: "kernel: USB: core: Fix deadlock in port "disable" sysfs attribute", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26933", }, { category: "external", summary: "RHBZ#2278240", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278240", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26933", url: "https://www.cve.org/CVERecord?id=CVE-2024-26933", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26933", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26933", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26933-c18d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26933-c18d@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: USB: core: Fix deadlock in port "disable" sysfs attribute", }, { cve: "CVE-2024-26934", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278237", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface's parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can't complete\nuntil the device lock has been released, and the lock won't be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun <samsun1006219@gmail.com>\nReported by: xingwei lee <xrivendell7@gmail.com>", title: "Vulnerability description", }, { category: "summary", text: "kernel: USB: core: Fix deadlock in usb_deauthorize_interface()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26934", }, { category: "external", summary: "RHBZ#2278237", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278237", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26934", url: "https://www.cve.org/CVERecord?id=CVE-2024-26934", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26934", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26934", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26934-e2fc@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26934-e2fc@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: USB: core: Fix deadlock in usb_deauthorize_interface()", }, { cve: "CVE-2024-26964", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278169", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Add error handling in xhci_map_urb_for_dma\n\nCurrently xhci_map_urb_for_dma() creates a temporary buffer and copies\nthe SG list to the new linear buffer. But if the kzalloc_node() fails,\nthen the following sg_pcopy_to_buffer() can lead to crash since it\ntries to memcpy to NULL pointer.\n\nSo return -ENOMEM if kzalloc returns null pointer.", title: "Vulnerability description", }, { category: "summary", text: "kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26964", }, { category: "external", summary: "RHBZ#2278169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278169", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26964", url: "https://www.cve.org/CVERecord?id=CVE-2024-26964", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26964", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26964", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma", }, { cve: "CVE-2024-26973", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278356", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.", title: "Vulnerability description", }, { category: "summary", text: "kernel: fat: fix uninitialized field in nostale filehandles", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26973", }, { category: "external", summary: "RHBZ#2278356", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278356", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26973", url: "https://www.cve.org/CVERecord?id=CVE-2024-26973", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26973", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26973", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26973-54a3@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26973-54a3@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: fat: fix uninitialized field in nostale filehandles", }, { cve: "CVE-2024-26993", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278314", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won't get called (and would only cause an access violation by\ntrying to dereference kn->parent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.", title: "Vulnerability description", }, { category: "summary", text: "kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-26993", }, { category: "external", summary: "RHBZ#2278314", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278314", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-26993", url: "https://www.cve.org/CVERecord?id=CVE-2024-26993", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-26993", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-26993", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()", }, { cve: "CVE-2024-27014", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278268", }, ], notes: [ { category: "description", text: "A flaw was found in the Linus Kernel. A potential deadlock can occur while disabling aRFS in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c.", title: "Vulnerability description", }, { category: "summary", text: "kernel: net/mlx5e: Prevent deadlock while disabling aRFS", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27014", }, { category: "external", summary: "RHBZ#2278268", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278268", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27014", url: "https://www.cve.org/CVERecord?id=CVE-2024-27014", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27014", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27014", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27014-d2dc@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27014-d2dc@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: net/mlx5e: Prevent deadlock while disabling aRFS", }, { cve: "CVE-2024-27048", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278431", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's Wi-Fi cfg80211.c driver, where a lack of proper checks can result in a NULL pointer dereference. This issue occurs when the brcmf_pmksa_v3_op() function attempts to call malloc (), but the physical memory has run out. In this situation, kzalloc() will return NULL, which the function does not check before using it in the corresponding value pmk_op., possibly leading to system instability.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: brcm80211: handle pmk_op allocation failure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27048", }, { category: "external", summary: "RHBZ#2278431", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278431", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27048", url: "https://www.cve.org/CVERecord?id=CVE-2024-27048", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27048", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27048", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: brcm80211: handle pmk_op allocation failure", }, { cve: "CVE-2024-27052", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278417", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's net rtl8xxxu_core.c driver, where a race condition can lead to a use-after-free situation in the rtl8xxxu_stop() function. This occurs when the workqueue is still running but the driver has been stopped and can lead to c2hcmd_work attempting to access memory that has been freed. This issue can lead to memory corruption or crashes.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27052", }, { category: "external", summary: "RHBZ#2278417", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278417", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27052", url: "https://www.cve.org/CVERecord?id=CVE-2024-27052", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27052", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27052", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27052-fb6d@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27052-fb6d@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work", }, { cve: "CVE-2024-27056", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278409", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Linux kernel's iwlwifi driver for Intel wireless devices. This issue occurs when the system attempts to sync the TX queue for an offloading TID during resume, but the queue is not allocated if no packets have been sent on TID 0.", title: "Vulnerability description", }, { category: "summary", text: "kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27056", }, { category: "external", summary: "RHBZ#2278409", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278409", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27056", url: "https://www.cve.org/CVERecord?id=CVE-2024-27056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27056", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27056", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27056-98c0@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27056-98c0@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists", }, { cve: "CVE-2024-27059", discovery_date: "2024-05-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2278398", }, ], notes: [ { category: "description", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device's ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).", title: "Vulnerability description", }, { category: "summary", text: "kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-27059", }, { category: "external", summary: "RHBZ#2278398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2278398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-27059", url: "https://www.cve.org/CVERecord?id=CVE-2024-27059", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-27059", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-27059", }, { category: "external", summary: "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27059-baaa@gregkh/T", url: "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27059-baaa@gregkh/T", }, ], release_date: "2024-05-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-06-05T10:05:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", product_ids: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:3627", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.