rhsa-2024_3627
Vulnerability from csaf_redhat
Published
2024-06-05 10:05
Modified
2024-11-15 21:32
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)
* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)
* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)
* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)
* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)
* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)
* kernel: use after free in i2c (CVE-2019-25162)
* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)
* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)
* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)
* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)
* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)
* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)
* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)
* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)
* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)
* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)
* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)
* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)
* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)
* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)
* kernel: i2c: i801: Don't generate an interrupt on bus reset (CVE-2021-47153)
* kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)
* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)
* kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)
* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)
* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)
* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)
* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)
* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)
* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)
* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)
* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)
* kernel: USB: core: Fix deadlock in port "disable" sysfs attribute (CVE-2024-26933)
* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)
* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)
* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-34640)
* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:RHEL-23022)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240)\n\n* kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)\n\n* kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744)\n\n* kernel: i2c: i801: Fix block process call transactions (CVE-2024-26593)\n\n* kernel: pvrusb2: fix use after free on context disconnection (CVE-2023-52445)\n\n* kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever (CVE-2024-26603)\n\n* kernel: use after free in i2c (CVE-2019-25162)\n\n* kernel: i2c: validate user data in compat ioctl (CVE-2021-46934)\n\n* kernel: media: dvbdev: Fix memory leak in dvb_media_device_free() (CVE-2020-36777)\n\n* kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors (CVE-2023-52477)\n\n* kernel: mtd: require write permissions for locking and badblock ioctls (CVE-2021-47055)\n\n* kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump (CVE-2024-26615)\n\n* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)\n\n* kernel: Integer Overflow in raid5_cache_count (CVE-2024-23307)\n\n* kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu() (CVE-2023-52565)\n\n* kernel: net: bridge: data races indata-races in br_handle_frame_finish() (CVE-2023-52578)\n\n* kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (CVE-2023-52528)\n\n* kernel: platform/x86: think-lmi: Fix reference leak (CVE-2023-52520)\n\n* kernel: RDMA/siw: Fix connection failure handling (CVE-2023-52513)\n\n* kernel: pid: take a reference when initializing `cad_pid` (CVE-2021-47118)\n\n* kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)\n\n* kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (CVE-2024-26643)\n\n* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)\n\n* kernel: i2c: i801: Don\u0026#39;t generate an interrupt on bus reset (CVE-2021-47153)\n\n* kernel: xhci: handle isoc Babble and Buffer Overrun events properly (CVE-2024-26659)\n\n* kernel: hwmon: (coretemp) Fix out-of-bounds memory access (CVE-2024-26664)\n\n* kernel: wifi: mac80211: fix race condition on enabling fast-xmit (CVE-2024-26779)\n\n* kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter (CVE-2024-26744)\n\n* kernel: RDMA/qedr: Fix qedr_create_user_qp error flow (CVE-2024-26743)\n\n* kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)\n\n* kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (CVE-2024-26901)\n\n* kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup (CVE-2024-26872)\n\n* kernel: usb: ulpi: Fix debugfs directory leak (CVE-2024-26919)\n\n* kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma (CVE-2024-26964)\n\n* kernel: USB: core: Fix deadlock in usb_deauthorize_interface() (CVE-2024-26934)\n\n* kernel: USB: core: Fix deadlock in port \u0026#34;disable\u0026#34; sysfs attribute (CVE-2024-26933)\n\n* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)\n\n* kernel: fat: fix uninitialized field in nostale filehandles (CVE-2024-26973)\n\n* kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (CVE-2024-27059)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-8.10.z kernel (JIRA:RHEL-34640)\n\n* kernel-rt: epoll_wait not reporting catching all events to application (JIRA:RHEL-23022)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:3627", "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2250843", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250843" }, { "category": "external", "summary": "2257406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257406" }, { "category": "external", "summary": "2263875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263875" }, { "category": "external", "summary": "2265271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265271" }, { "category": "external", "summary": "2265646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265646" }, { "category": "external", "summary": "2265654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265654" }, { "category": "external", "summary": "2265833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265833" }, { "category": "external", "summary": "2266296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266296" }, { "category": "external", "summary": "2266446", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266446" }, { "category": "external", "summary": "2266746", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266746" }, { "category": "external", "summary": "2266841", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266841" }, { "category": "external", "summary": "2267038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267038" }, { "category": "external", "summary": "2267185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267185" }, { "category": "external", "summary": "2267355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267355" }, { "category": "external", "summary": "2267509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267509" }, { "category": "external", "summary": "2267705", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267705" }, { "category": "external", "summary": "2267724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267724" }, { "category": "external", "summary": "2267758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267758" }, { "category": "external", "summary": "2267789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267789" }, { "category": "external", "summary": "2267797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267797" }, { "category": "external", "summary": "2267804", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267804" }, { "category": "external", "summary": "2268315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268315" }, { "category": "external", "summary": "2268317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268317" }, { "category": "external", "summary": "2269213", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269213" }, { "category": "external", "summary": "2269856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269856" }, { "category": "external", "summary": "2270080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270080" }, { "category": "external", "summary": "2270879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270879" }, { "category": "external", "summary": "2270881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270881" }, { "category": "external", "summary": "2271469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271469" }, { "category": "external", "summary": "2271476", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271476" }, { "category": "external", "summary": "2272780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272780" }, { "category": "external", "summary": "2272791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272791" }, { "category": "external", "summary": "2273092", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273092" }, { "category": "external", "summary": "2273094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273094" }, { "category": "external", "summary": "2273223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273223" }, { "category": "external", "summary": "2273260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273260" }, { "category": "external", "summary": "2273262", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273262" }, { "category": "external", "summary": "2274624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274624" }, { "category": "external", "summary": "2275645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275645" }, { "category": "external", "summary": "2275655", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275655" }, { "category": "external", "summary": "2275666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275666" }, { "category": "external", "summary": "2275707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275707" }, { "category": "external", "summary": "2275777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275777" }, { "category": "external", "summary": "2278169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278169" }, { "category": "external", "summary": "2278237", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278237" }, { "category": "external", "summary": "2278240", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278240" }, { "category": "external", "summary": "2278268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278268" }, { "category": "external", "summary": "2278314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278314" }, { "category": "external", "summary": "2278356", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278356" }, { "category": "external", "summary": "2278398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278398" }, { "category": "external", "summary": "2278409", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278409" }, { "category": "external", "summary": "2278417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278417" }, { "category": "external", "summary": "2278431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278431" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3627.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-15T21:32:34+00:00", "generator": { "date": "2024-11-15T21:32:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:3627", "initial_release_date": "2024-06-05T10:05:30+00:00", "revision_history": [ { "date": "2024-06-05T10:05:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-06-05T10:05:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T21:32:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux NFV (v. 8)", "product": { "name": "Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux RT (v. 8)", "product": { "name": "Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "product": { "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "product_id": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.5.1.rt7.346.el8_10?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.5.1.rt7.346.el8_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-25162", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266296" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) memory access flaw was found in the i2c driver module in the Linux kernel.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use after free in i2c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25162" }, { "category": "external", "summary": "RHBZ#2266296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25162", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25162" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022602-CVE-2019-25162-70ae@gregkh/", "url": "https://lore.kernel.org/linux-cve-announce/2024022602-CVE-2019-25162-70ae@gregkh/" } ], "release_date": "2024-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: use after free in i2c" }, { "cve": "CVE-2020-36777", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2024-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266746" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A missing memory release in the dvb_media_device_free function in the drivers/media/dvb-core/dvbdev.c file can result in a memory leak.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()", "title": "Vulnerability summary" }, { "category": "other", "text": "The kernel as shipped by Red Hat Enterprise Linux 9 is not affected by this issue because it already contains the fix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36777" }, { "category": "external", "summary": "RHBZ#2266746", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266746" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36777", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36777" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36777", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36777" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-2-gregkh@linuxfoundation.org/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-2-gregkh@linuxfoundation.org/T/#u" } ], "release_date": "2024-02-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()" }, { "cve": "CVE-2021-46934", "cwe": { "id": "CWE-703", "name": "Improper Check or Handling of Exceptional Conditions" }, "discovery_date": "2024-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266446" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: validate user data in compat ioctl\n\nWrong user data may cause warning in i2c_transfer(), ex: zero msgs.\nUserspace should not be able to trigger warnings, so this patch adds\nvalidation checks for user data in compact ioctl to prevent reported\nwarnings", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i2c: validate user data in compat ioctl", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-46934" }, { "category": "external", "summary": "RHBZ#2266446", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266446" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-46934", "url": "https://www.cve.org/CVERecord?id=CVE-2021-46934" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-46934", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46934" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46934-79c8@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46934-79c8@gregkh/T/#u" } ], "release_date": "2024-02-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: i2c: validate user data in compat ioctl" }, { "cve": "CVE-2021-47013", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-02-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266841" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s Qualcomm Gigabit Ethernet Media Access Controller (EMAC) driver in how a user triggers an error path in the emac_tx_fill_tpd function. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47013" }, { "category": "external", "summary": "RHBZ#2266841", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266841" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47013", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47013" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47013", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47013" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022831-CVE-2021-47013-034a@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022831-CVE-2021-47013-034a@gregkh/T/#u" } ], "release_date": "2024-02-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send" }, { "cve": "CVE-2021-47055", "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267185" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux Kernel, requiring write permissions for locking and badblock ioctls, as they modify protection bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mtd: require write permissions for locking and badblock ioctls", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 9 is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47055" }, { "category": "external", "summary": "RHBZ#2267185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267185" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47055", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47055" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47055", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47055" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47055-6927@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47055-6927@gregkh/T/#u" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mtd: require write permissions for locking and badblock ioctls" }, { "cve": "CVE-2021-47118", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-03-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269856" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npid: take a reference when initializing `cad_pid`\n\nDuring boot, kernel_init_freeable() initializes `cad_pid` to the init\ntask\u0027s struct pid. Later on, we may change `cad_pid` via a sysctl, and\nwhen this happens proc_do_cad_pid() will increment the refcount on the\nnew pid via get_pid(), and will decrement the refcount on the old pid\nvia put_pid(). As we never called get_pid() when we initialized\n`cad_pid`, we decrement a reference we never incremented, can therefore\nfree the init task\u0027s struct pid early. As there can be dangling\nreferences to the struct pid, we can later encounter a use-after-free\n(e.g. when delivering signals).\n\nThis was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to\nhave been around since the conversion of `cad_pid` to struct pid in\ncommit 9ec52099e4b8 (\"[PATCH] replace cad_pid by a struct pid\") from the\npre-KASAN stone age of v2.6.19.\n\nFix this by getting a reference to the init task\u0027s struct pid when we\nassign it to `cad_pid`.\n\nFull KASAN splat below.\n\n ==================================================================\n BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]\n BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273\n\n CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n ns_of_pid include/linux/pid.h:153 [inline]\n task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n do_notify_parent+0x308/0xe60 kernel/signal.c:1950\n exit_notify kernel/exit.c:682 [inline]\n do_exit+0x2334/0x2bd0 kernel/exit.c:845\n do_group_exit+0x108/0x2c8 kernel/exit.c:922\n get_signal+0x4e4/0x2a88 kernel/signal.c:2781\n do_signal arch/arm64/kernel/signal.c:882 [inline]\n do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936\n work_pending+0xc/0x2dc\n\n Allocated by task 0:\n slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516\n slab_alloc_node mm/slub.c:2907 [inline]\n slab_alloc mm/slub.c:2915 [inline]\n kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920\n alloc_pid+0xdc/0xc00 kernel/pid.c:180\n copy_process+0x2794/0x5e18 kernel/fork.c:2129\n kernel_clone+0x194/0x13c8 kernel/fork.c:2500\n kernel_thread+0xd4/0x110 kernel/fork.c:2552\n rest_init+0x44/0x4a0 init/main.c:687\n arch_call_rest_init+0x1c/0x28\n start_kernel+0x520/0x554 init/main.c:1064\n 0x0\n\n Freed by task 270:\n slab_free_hook mm/slub.c:1562 [inline]\n slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600\n slab_free mm/slub.c:3161 [inline]\n kmem_cache_free+0x224/0x8e0 mm/slub.c:3177\n put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114\n put_pid+0x30/0x48 kernel/pid.c:109\n proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401\n proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591\n proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617\n call_write_iter include/linux/fs.h:1977 [inline]\n new_sync_write+0x3ac/0x510 fs/read_write.c:518\n vfs_write fs/read_write.c:605 [inline]\n vfs_write+0x9c4/0x1018 fs/read_write.c:585\n ksys_write+0x124/0x240 fs/read_write.c:658\n __do_sys_write fs/read_write.c:670 [inline]\n __se_sys_write fs/read_write.c:667 [inline]\n __arm64_sys_write+0x78/0xb0 fs/read_write.c:667\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]\n el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129\n do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168\n el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416\n el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432\n el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701\n\n The buggy address belongs to the object at ffff23794dda0000\n which belongs to the cache pid of size 224\n The buggy address is located 4 bytes inside of\n 224-byte region [ff\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: pid: take a reference when initializing `cad_pid`", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47118" }, { "category": "external", "summary": "RHBZ#2269856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47118", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47118" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47118", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47118" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47118-faf2@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47118-faf2@gregkh/T/#u" } ], "release_date": "2024-03-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: pid: take a reference when initializing `cad_pid`" }, { "cve": "CVE-2021-47153", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2271476" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don\u0027t generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i2c: i801: Don\u0026#39;t generate an interrupt on bus reset", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47153" }, { "category": "external", "summary": "RHBZ#2271476", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271476" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47153", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47153" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47153", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47153" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024032501-CVE-2021-47153-8c75@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024032501-CVE-2021-47153-8c75@gregkh/T" } ], "release_date": "2024-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: i2c: i801: Don\u0026#39;t generate an interrupt on bus reset" }, { "cve": "CVE-2021-47171", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2271469" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: usb: fix memory leak in smsc75xx_bind", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47171" }, { "category": "external", "summary": "RHBZ#2271469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271469" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47171", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47171" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47171", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47171" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024032536-CVE-2021-47171-f223@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024032536-CVE-2021-47171-f223@gregkh/T" } ], "release_date": "2024-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: usb: fix memory leak in smsc75xx_bind" }, { "cve": "CVE-2021-47185", "cwe": { "id": "CWE-1050", "name": "Excessive Platform Resource Consumption within a Loop" }, "discovery_date": "2024-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2274624" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47185" }, { "category": "external", "summary": "RHBZ#2274624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274624" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47185", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47185" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47185", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47185" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041033-CVE-2021-47185-c363@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041033-CVE-2021-47185-c363@gregkh/T" } ], "release_date": "2024-04-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc" }, { "cve": "CVE-2022-48627", "cwe": { "id": "CWE-1260", "name": "Improper Handling of Overlap Between Protected Memory Ranges" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267509" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s virtual terminal driver which causes a memory overlapping copy to occur, this overlapping copy can lead to data corruption and could potentially allow an attacker interacting with a virtual terminal to corrupt or expose system memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: vt: fix memory overlapping when deleting chars in the buffer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48627" }, { "category": "external", "summary": "RHBZ#2267509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267509" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48627", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48627" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48627", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48627" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2022-48627-c7bf@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2022-48627-c7bf@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: vt: fix memory overlapping when deleting chars in the buffer" }, { "cve": "CVE-2023-6240", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "discovery_date": "2023-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2250843" } ], "notes": [ { "category": "description", "text": "A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-6240" }, { "category": "external", "summary": "RHBZ#2250843", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250843" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-6240", "url": "https://www.cve.org/CVERecord?id=CVE-2023-6240" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-6240", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6240" }, { "category": "external", "summary": "https://people.redhat.com/~hkario/marvin/", "url": "https://people.redhat.com/~hkario/marvin/" }, { "category": "external", "summary": "https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/", "url": "https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/" } ], "release_date": "2023-09-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation" }, { "cve": "CVE-2023-52439", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-02-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265271" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s uio subsystem. A use-after-free memory flaw in the uio_open functionality allows a local user to crash or escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: uio: Fix use-after-free in uio_open", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52439" }, { "category": "external", "summary": "RHBZ#2265271", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265271" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52439", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52439" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52439", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52439" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022026-wobbling-jumbo-748e@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022026-wobbling-jumbo-748e@gregkh/T/#u" } ], "release_date": "2024-02-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "To mitigate this issue, prevent module uio from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: uio: Fix use-after-free in uio_open" }, { "cve": "CVE-2023-52445", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265654" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix use after free on context disconnection\n\nUpon module load, a kthread is created targeting the\npvr2_context_thread_func function, which may call pvr2_context_destroy\nand thus call kfree() on the context object. However, that might happen\nbefore the usb hub_event handler is able to notify the driver. This\npatch adds a sanity check before the invalid read reported by syzbot,\nwithin the context disconnection call stack.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: pvrusb2: fix use after free on context disconnection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52445" }, { "category": "external", "summary": "RHBZ#2265654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265654" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52445", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52445" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52445", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52445" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2023-52445-07a6@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2023-52445-07a6@gregkh/T/#u" } ], "release_date": "2024-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.0, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: pvrusb2: fix use after free on context disconnection" }, { "cve": "CVE-2023-52477", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267038" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: hub: Guard against accesses to uninitialized BOS descriptors\n\nMany functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h\naccess fields inside udev-\u003ebos without checking if it was allocated and\ninitialized. If usb_get_bos_descriptor() fails for whatever\nreason, udev-\u003ebos will be NULL and those accesses will result in a\ncrash:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000018\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 5 PID: 17818 Comm: kworker/5:1 Tainted: G W 5.15.108-18910-gab0e1cb584e1 #1 \u003cHASH:1f9e 1\u003e\nHardware name: Google Kindred/Kindred, BIOS Google_Kindred.12672.413.0 02/03/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:hub_port_reset+0x193/0x788\nCode: 89 f7 e8 20 f7 15 00 48 8b 43 08 80 b8 96 03 00 00 03 75 36 0f b7 88 92 03 00 00 81 f9 10 03 00 00 72 27 48 8b 80 a8 03 00 00 \u003c48\u003e 83 78 18 00 74 19 48 89 df 48 8b 75 b0 ba 02 00 00 00 4c 89 e9\nRSP: 0018:ffffab740c53fcf8 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa1bc5f678000 RCX: 0000000000000310\nRDX: fffffffffffffdff RSI: 0000000000000286 RDI: ffffa1be9655b840\nRBP: ffffab740c53fd70 R08: 00001b7d5edaa20c R09: ffffffffb005e060\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: ffffab740c53fd3e R14: 0000000000000032 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffffa1be96540000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000018 CR3: 000000022e80c005 CR4: 00000000003706e0\nCall Trace:\nhub_event+0x73f/0x156e\n? hub_activate+0x5b7/0x68f\nprocess_one_work+0x1a2/0x487\nworker_thread+0x11a/0x288\nkthread+0x13a/0x152\n? process_one_work+0x487/0x487\n? kthread_associate_blkcg+0x70/0x70\nret_from_fork+0x1f/0x30\n\nFall back to a default behavior if the BOS descriptor isn\u0027t accessible\nand skip all the functionalities that depend on it: LPM support checks,\nSuper Speed capabilitiy checks, U1/U2 states setup.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52477" }, { "category": "external", "summary": "RHBZ#2267038", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267038" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52477", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52477" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52477", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52477" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022921-CVE-2023-52477-6f20@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022921-CVE-2023-52477-6f20@gregkh/T/#u" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors" }, { "cve": "CVE-2023-52513", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267804" } ], "notes": [ { "category": "description", "text": "A NULL dereference vulnerability was found in the Linux kernel, which is caused when the siw_cm_work_handler() function attempts to dereference a NULL listener that may be created when immediate MPA request processing fails and the newly created endpoint unlinks the listening endpoint ready to be dropped.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: RDMA/siw: Fix connection failure handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52513" }, { "category": "external", "summary": "RHBZ#2267804", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267804" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52513", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52513" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52513", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52513" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52513-5224@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52513-5224@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: RDMA/siw: Fix connection failure handling" }, { "cve": "CVE-2023-52520", "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267797" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: think-lmi: Fix reference leak\n\nIf a duplicate attribute is found using kset_find_obj(), a reference\nto that attribute is returned which needs to be disposed accordingly\nusing kobject_put(). Move the setting name validation into a separate\nfunction to allow for this change without having to duplicate the\ncleanup code for this setting.\nAs a side note, a very similar bug was fixed in\ncommit 7295a996fdab (\"platform/x86: dell-sysman: Fix reference leak\"),\nso it seems that the bug was copied from that driver.\n\nCompile-tested only.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: platform/x86: think-lmi: Fix reference leak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52520" }, { "category": "external", "summary": "RHBZ#2267797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267797" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52520", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52520" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52520", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52520" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52520-0a4e@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52520-0a4e@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: platform/x86: think-lmi: Fix reference leak" }, { "cve": "CVE-2023-52528", "cwe": { "id": "CWE-252", "name": "Unchecked Return Value" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267789" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg\n\nsyzbot reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\nBUG: KMSAN: uninit-value in smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\nCPU: 0 PID: 8696 Comm: kworker/0:3 Not tainted 5.8.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x21c/0x280 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:975 [inline]\n smsc75xx_bind+0x5c9/0x11e0 drivers/net/usb/smsc75xx.c:1482\n usbnet_probe+0x1152/0x3f90 drivers/net/usb/usbnet.c:1737\n usb_probe_interface+0xece/0x1550 drivers/usb/core/driver.c:374\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_set_configuration+0x380f/0x3f10 drivers/usb/core/message.c:2032\n usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:241\n usb_probe_device+0x311/0x490 drivers/usb/core/driver.c:272\n really_probe+0xf20/0x20b0 drivers/base/dd.c:529\n driver_probe_device+0x293/0x390 drivers/base/dd.c:701\n __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807\n bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431\n __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873\n device_initial_probe+0x4a/0x60 drivers/base/dd.c:920\n bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491\n device_add+0x3b0e/0x40d0 drivers/base/core.c:2680\n usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2554\n hub_port_connect drivers/usb/core/hub.c:5208 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]\n port_event drivers/usb/core/hub.c:5494 [inline]\n hub_event+0x5e7b/0x8a70 drivers/usb/core/hub.c:5576\n process_one_work+0x1688/0x2140 kernel/workqueue.c:2269\n worker_thread+0x10bc/0x2730 kernel/workqueue.c:2415\n kthread+0x551/0x590 kernel/kthread.c:292\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293\n\nLocal variable ----buf.i87@smsc75xx_bind created at:\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n __smsc75xx_read_reg drivers/net/usb/smsc75xx.c:83 [inline]\n smsc75xx_wait_ready drivers/net/usb/smsc75xx.c:968 [inline]\n smsc75xx_bind+0x485/0x11e0 drivers/net/usb/smsc75xx.c:1482\n\nThis issue is caused because usbnet_read_cmd() reads less bytes than requested\n(zero byte in the reproducer). In this case, \u0027buf\u0027 is not properly filled.\n\nThis patch fixes the issue by returning -ENODATA if usbnet_read_cmd() reads\nless bytes than requested.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52528" }, { "category": "external", "summary": "RHBZ#2267789", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267789" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52528", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52528" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52528", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52528" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52528-c33b@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52528-c33b@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg" }, { "cve": "CVE-2023-52565", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267724" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix OOB read\n\nIf the index provided by the user is bigger than the mask size, we might do\nan out of bound read.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52565" }, { "category": "external", "summary": "RHBZ#2267724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267724" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52565", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52565" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52565", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52565" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52565-07ce@gregkh/", "url": "https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52565-07ce@gregkh/" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()" }, { "cve": "CVE-2023-52578", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267758" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: use DEV_STATS_INC()\n\nsyzbot/KCSAN reported data-races in br_handle_frame_finish() [1]\nThis function can run from multiple cpus without mutual exclusion.\n\nAdopt SMP safe DEV_STATS_INC() to update dev-\u003estats fields.\n\nHandles updates to dev-\u003estats.tx_dropped while we are at it.\n\n[1]\nBUG: KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish\n\nread-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 1:\nbr_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189\nbr_nf_hook_thresh+0x1ed/0x220\nbr_nf_pre_routing_finish_ipv6+0x50f/0x540\nNF_HOOK include/linux/netfilter.h:304 [inline]\nbr_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178\nbr_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508\nnf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]\nnf_hook_bridge_pre net/bridge/br_input.c:272 [inline]\nbr_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417\n__netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417\n__netif_receive_skb_one_core net/core/dev.c:5521 [inline]\n__netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637\nprocess_backlog+0x21f/0x380 net/core/dev.c:5965\n__napi_poll+0x60/0x3b0 net/core/dev.c:6527\nnapi_poll net/core/dev.c:6594 [inline]\nnet_rx_action+0x32b/0x750 net/core/dev.c:6727\n__do_softirq+0xc1/0x265 kernel/softirq.c:553\nrun_ksoftirqd+0x17/0x20 kernel/softirq.c:921\nsmpboot_thread_fn+0x30a/0x4a0 kernel/smpboot.c:164\nkthread+0x1d7/0x210 kernel/kthread.c:388\nret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nread-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 0:\nbr_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189\nbr_nf_hook_thresh+0x1ed/0x220\nbr_nf_pre_routing_finish_ipv6+0x50f/0x540\nNF_HOOK include/linux/netfilter.h:304 [inline]\nbr_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178\nbr_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508\nnf_hook_entry_hookfn include/linux/netfilter.h:144 [inline]\nnf_hook_bridge_pre net/bridge/br_input.c:272 [inline]\nbr_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417\n__netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417\n__netif_receive_skb_one_core net/core/dev.c:5521 [inline]\n__netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637\nprocess_backlog+0x21f/0x380 net/core/dev.c:5965\n__napi_poll+0x60/0x3b0 net/core/dev.c:6527\nnapi_poll net/core/dev.c:6594 [inline]\nnet_rx_action+0x32b/0x750 net/core/dev.c:6727\n__do_softirq+0xc1/0x265 kernel/softirq.c:553\ndo_softirq+0x5e/0x90 kernel/softirq.c:454\n__local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381\n__raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]\n_raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210\nspin_unlock_bh include/linux/spinlock.h:396 [inline]\nbatadv_tt_local_purge+0x1a8/0x1f0 net/batman-adv/translation-table.c:1356\nbatadv_tt_purge+0x2b/0x630 net/batman-adv/translation-table.c:3560\nprocess_one_work kernel/workqueue.c:2630 [inline]\nprocess_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2703\nworker_thread+0x525/0x730 kernel/workqueue.c:2784\nkthread+0x1d7/0x210 kernel/kthread.c:388\nret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nvalue changed: 0x00000000000d7190 -\u003e 0x00000000000d7191\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 14848 Comm: kworker/u4:11 Not tainted 6.6.0-rc1-syzkaller-00236-gad8a69f361b9 #0", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: bridge: data races indata-races in br_handle_frame_finish()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52578" }, { "category": "external", "summary": "RHBZ#2267758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267758" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52578", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52578" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52578", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52578" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030257-CVE-2023-52578-50cb@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030257-CVE-2023-52578-50cb@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: bridge: data races indata-races in br_handle_frame_finish()" }, { "cve": "CVE-2023-52594", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268317" } ], "notes": [ { "category": "description", "text": "A potential array-index-out-of-bounds read flaw was found in the Linux kernel in ath9k_htc_txstatus(). This issue may lead to a crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52594" }, { "category": "external", "summary": "RHBZ#2268317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268317" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52594", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52594", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52594" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52594-9b84@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52594-9b84@gregkh/T" } ], "release_date": "2024-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()" }, { "cve": "CVE-2023-52595", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-03-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268315" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. When a hardware reset is triggered, all registers are reset, so all queues are forced to stop in the hardware interface. However, mac80211 will not automatically stop the queue. If the beacon queue is not manually stopped, it will be deadlocked and unable to restart.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: rt2x00: restart beacon queue when hardware reset", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52595" }, { "category": "external", "summary": "RHBZ#2268315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268315" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52595", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52595", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52595" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52595-d018@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024030645-CVE-2023-52595-d018@gregkh/T" } ], "release_date": "2024-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: rt2x00: restart beacon queue when hardware reset" }, { "cve": "CVE-2023-52610", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-03-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270080" } ], "notes": [ { "category": "description", "text": "A memory leak flaw and potential kernel crash were found in the Linux kernel\u2019s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user to crash or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sched: act_ct: fix skb leak and crash on ooo frags", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52610" }, { "category": "external", "summary": "RHBZ#2270080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270080" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52610", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52610" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52610", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52610" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-10-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240318100758.2828621-10-lee@kernel.org/T" } ], "release_date": "2024-03-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "To mitigate this issue, prevent the Conntrack module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/sched: act_ct: fix skb leak and crash on ooo frags" }, { "cve": "CVE-2024-0340", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2024-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2257406" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-0340" }, { "category": "external", "summary": "RHBZ#2257406", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257406" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-0340", "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-0340", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0340" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/5kn47peabxjrptkqa6dwtyus35ahf4pcj4qm4pumse33kxqpjw@mec4se5relrc/T/", "url": "https://lore.kernel.org/lkml/5kn47peabxjrptkqa6dwtyus35ahf4pcj4qm4pumse33kxqpjw@mec4se5relrc/T/" } ], "release_date": "2023-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Information disclosure in vhost/vhost.c:vhost_new_msg()" }, { "cve": "CVE-2024-23307", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2024-03-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267705" } ], "notes": [ { "category": "description", "text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Integer Overflow in raid5_cache_count", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has protection mechanisms in place against buffer overflows, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-23307" }, { "category": "external", "summary": "RHBZ#2267705", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267705" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23307", "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23307", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23307" }, { "category": "external", "summary": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975", "url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7975" }, { "category": "external", "summary": "https://lore.kernel.org/linux-raid/20240112071017.16313-1-2045gemini@gmail.com/#r", "url": "https://lore.kernel.org/linux-raid/20240112071017.16313-1-2045gemini@gmail.com/#r" }, { "category": "external", "summary": "https://patchwork.kernel.org/project/linux-raid/patch/20240112071017.16313-1-2045gemini@gmail.com/", "url": "https://patchwork.kernel.org/project/linux-raid/patch/20240112071017.16313-1-2045gemini@gmail.com/" } ], "release_date": "2024-01-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Integer Overflow in raid5_cache_count" }, { "cve": "CVE-2024-25744", "discovery_date": "2024-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2263875" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: untrusted VMM can trigger int80 syscall handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-25744" }, { "category": "external", "summary": "RHBZ#2263875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263875" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25744", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25744", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25744" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b82a8dbd3d2f4563156f7150c6f2ecab6e960b30", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b82a8dbd3d2f4563156f7150c6f2ecab6e960b30" } ], "release_date": "2024-02-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "This vulnerability can be mitigated by disabling 32-bit emulation by default for TDX and SEV. The user can override it with the ia32_emulation=y command line option.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: untrusted VMM can trigger int80 syscall handling" }, { "cve": "CVE-2024-26593", "discovery_date": "2024-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265646" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Fix block process call transactions\n\nAccording to the Intel datasheets, software must reset the block\nbuffer index twice for block process call transactions: once before\nwriting the outgoing data to the buffer, and once again before\nreading the incoming data from the buffer.\n\nThe driver is currently missing the second reset, causing the wrong\nportion of the block buffer to be read.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i2c: i801: Fix block process call transactions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26593" }, { "category": "external", "summary": "RHBZ#2265646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265646" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26593", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26593", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26593" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022315-CVE-2024-26593-9d89@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022315-CVE-2024-26593-9d89@gregkh/T/#u" } ], "release_date": "2024-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "To mitigate this issue, prevent module i2c-i801 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: i2c: i801: Fix block process call transactions" }, { "cve": "CVE-2024-26603", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2024-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265833" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s x86/fpu module, which revolves around an issue with relying on user space for critical information regarding the xsave buffer. In the affected scenario, the expected size of the user space buffer is derived from user-controlled data, specifically, fx_sw-\u003exstate_size. By manipulating this value, an attacker could construct a malicious sigreturn frame where the indicated size is smaller than required by valid bits in fx_sw-\u003exfeatures. Furthermore, the attacker could unmap portions of the fpu buffer in the user space, rendering them inaccessible to xrstor.\r\n\r\nThis manipulation leads to a situation where xrstor repeatedly attempts to restore and access an unmapped area, causing a fault. However, the fault_in_readable function erroneously succeeds because the accessed region, buf + fx_sw-\u003exstate_size, remains within the mapped area. Consequently, the system enters a perpetual loop as xrstor continually retries the operation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability, while technically significant due to its potential for exploitation, is classified as Low severity for several reasons. First, successful exploitation requires a precise set of conditions, including the ability to manipulate the fx_sw-\u003exstate_size parameter, which may not always be feasible. Additionally, the exploit\u0027s impact is limited to a specific subsystem (x86/fpu) within the Linux kernel, thereby reducing its overall scope and potential for widespread harm. Moreover, the loop resulting from the fault condition does not result in a system compromise or escalation of privileges but rather leads to a denial-of-service situation, which can be mitigated through a system reboot or other administrative actions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26603" }, { "category": "external", "summary": "RHBZ#2265833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265833" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26603", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26603" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2@gregkh/T/#u" } ], "release_date": "2024-02-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever" }, { "cve": "CVE-2024-26610", "cwe": { "id": "CWE-680", "name": "Integer Overflow to Buffer Overflow" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269213" } ], "notes": [ { "category": "description", "text": "A memory corruption flaw was found in the Linux kernel Intel Wireless WiFi Next Gen AGN module. This issue could allow a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: fix a memory corruption", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 9 is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26610" }, { "category": "external", "summary": "RHBZ#2269213", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269213" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26610", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26610", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26610" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-42-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-42-lee@kernel.org/T" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "To mitigate this issue, prevent the iwlwifi module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: iwlwifi: fix a memory corruption" }, { "cve": "CVE-2024-26615", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267355" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel in which functions providing information about SMC-D connections caused a NULL pointer dereference. This flaw allows an attacker with permission to read this information to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26615" }, { "category": "external", "summary": "RHBZ#2267355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267355" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26615", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26615" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-47-lee@kernel.org/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-47-lee@kernel.org/T/#u" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump" }, { "cve": "CVE-2024-26642", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270881" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: disallow anonymous set with timeout flag", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26642" }, { "category": "external", "summary": "RHBZ#2270881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270881" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26642", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26642", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26642" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26642-3549@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26642-3549@gregkh/T" } ], "release_date": "2024-03-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: netfilter: nf_tables: disallow anonymous set with timeout flag" }, { "cve": "CVE-2024-26643", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270879" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the netfilter/nf_tables subsystem of Linux Kernel, where a race condition caused where the garbage collector could prematurely collect elements from anonymous sets with timeouts while they were being released.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26643" }, { "category": "external", "summary": "RHBZ#2270879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270879" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26643", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26643" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26643", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26643" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26643-4f9d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26643-4f9d@gregkh/T" } ], "release_date": "2024-03-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout" }, { "cve": "CVE-2024-26659", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272780" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel related to the Extensible Host Controller Interface (xHCI) subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous (isoc) Babble and Buffer Overrun events. The vulnerability occurs because the xHCI driver incorrectly assumes that the xHC (host controller) has released its ownership of a multi-TRB (Transfer Request Block) TD (Transfer Descriptor) after reporting an error on an early TRB. This assumption leads to the premature release of the TD, allowing remaining TRBs to be freed or overwritten, which can cause system instability or crashes.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xhci: handle isoc Babble and Buffer Overrun events properly", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has classified the severity of this vulnerability as Moderate due to the specific prerequisites required for exploitation. Successful exploitation generally necessitates local access to the system with elevated permissions to interact with the Extensible Host Controller Interface (xHCI) driver, which effectively translates to root-level access.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26659" }, { "category": "external", "summary": "RHBZ#2272780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272780" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26659", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26659", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26659" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26659-e4f6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26659-e4f6@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "There is no known mitigation to this problem. Red Hat recommends updating to the latest kernel version to fix the problem.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: xhci: handle isoc Babble and Buffer Overrun events properly" }, { "cve": "CVE-2024-26664", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272791" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (coretemp) Fix out-of-bounds memory access\n\nFix a bug that pdata-\u003ecpu_map[] is set before out-of-bounds check.\nThe problem might be triggered on systems with more than 128 cores per\npackage.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: hwmon: (coretemp) Fix out-of-bounds memory access", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26664" }, { "category": "external", "summary": "RHBZ#2272791", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272791" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26664", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26664", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26664" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040223-CVE-2024-26664-03db@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040223-CVE-2024-26664-03db@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: hwmon: (coretemp) Fix out-of-bounds memory access" }, { "cve": "CVE-2024-26693", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273094" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s iwlwifi driver, which can result in a crash due to improper handling of station data (STA) when the system runs out of available stations in the firmware. This could lead to a denial of service (Dos) which crashes the Access Point (AP).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: mvm: fix a crash when we run out of stations", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26693" }, { "category": "external", "summary": "RHBZ#2273094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273094" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26693", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26693" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26693", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26693" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26693-9c3b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26693-9c3b@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: iwlwifi: mvm: fix a crash when we run out of stations" }, { "cve": "CVE-2024-26694", "cwe": { "id": "CWE-415", "name": "Double Free" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273092" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s iwlwifi driver, where the TLV PC register data being freed is not properly marked as NULL afterwards, resulting in a double-free issue. This could lead to memory corruption or crashes.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: fix double-free bug", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26694" }, { "category": "external", "summary": "RHBZ#2273092", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273092" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26694", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26694" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26694", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26694" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26694-b216@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040337-CVE-2024-26694-b216@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: iwlwifi: fix double-free bug" }, { "cve": "CVE-2024-26743", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273262" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix qedr_create_user_qp error flow\n\nAvoid the following warning by making sure to free the allocated\nresources in case that qedr_init_user_queue() fail.\n\n-----------[ cut here ]-----------\nWARNING: CPU: 0 PID: 143192 at drivers/infiniband/core/rdma_core.c:874 uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nModules linked in: tls target_core_user uio target_core_pscsi target_core_file target_core_iblock ib_srpt ib_srp scsi_transport_srp nfsd nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs 8021q garp mrp stp llc ext4 mbcache jbd2 opa_vnic ib_umad ib_ipoib sunrpc rdma_ucm ib_isert iscsi_target_mod target_core_mod ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm hfi1 intel_rapl_msr intel_rapl_common mgag200 qedr sb_edac drm_shmem_helper rdmavt x86_pkg_temp_thermal drm_kms_helper intel_powerclamp ib_uverbs coretemp i2c_algo_bit kvm_intel dell_wmi_descriptor ipmi_ssif sparse_keymap kvm ib_core rfkill syscopyarea sysfillrect video sysimgblt irqbypass ipmi_si ipmi_devintf fb_sys_fops rapl iTCO_wdt mxm_wmi iTCO_vendor_support intel_cstate pcspkr dcdbas intel_uncore ipmi_msghandler lpc_ich acpi_power_meter mei_me mei fuse drm xfs libcrc32c qede sd_mod ahci libahci t10_pi sg crct10dif_pclmul crc32_pclmul crc32c_intel qed libata tg3\nghash_clmulni_intel megaraid_sas crc8 wmi [last unloaded: ib_srpt]\nCPU: 0 PID: 143192 Comm: fi_rdm_tagged_p Kdump: loaded Not tainted 5.14.0-408.el9.x86_64 #1\nHardware name: Dell Inc. PowerEdge R430/03XKDV, BIOS 2.14.0 01/25/2022\nRIP: 0010:uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nCode: 5d 41 5c 41 5d 41 5e e9 0f 26 1b dd 48 89 df e8 67 6a ff ff 49 8b 86 10 01 00 00 48 85 c0 74 9c 4c 89 e7 e8 83 c0 cb dd eb 92 \u003c0f\u003e 0b eb be 0f 0b be 04 00 00 00 48 89 df e8 8e f5 ff ff e9 6d ff\nRSP: 0018:ffffb7c6cadfbc60 EFLAGS: 00010286\nRAX: ffff8f0889ee3f60 RBX: ffff8f088c1a5200 RCX: 00000000802a0016\nRDX: 00000000802a0017 RSI: 0000000000000001 RDI: ffff8f0880042600\nRBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\nR10: ffff8f11fffd5000 R11: 0000000000039000 R12: ffff8f0d5b36cd80\nR13: ffff8f088c1a5250 R14: ffff8f1206d91000 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8f11d7c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000147069200e20 CR3: 00000001c7210002 CR4: 00000000001706f0\nCall Trace:\n\u003cTASK\u003e\n? show_trace_log_lvl+0x1c4/0x2df\n? show_trace_log_lvl+0x1c4/0x2df\n? ib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? __warn+0x81/0x110\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\n? report_bug+0x10a/0x140\n? handle_bug+0x3c/0x70\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? uverbs_destroy_ufile_hw+0xcf/0xf0 [ib_uverbs]\nib_uverbs_close+0x1f/0xb0 [ib_uverbs]\n__fput+0x94/0x250\ntask_work_run+0x5c/0x90\ndo_exit+0x270/0x4a0\ndo_group_exit+0x2d/0x90\nget_signal+0x87c/0x8c0\narch_do_signal_or_restart+0x25/0x100\n? ib_uverbs_ioctl+0xc2/0x110 [ib_uverbs]\nexit_to_user_mode_loop+0x9c/0x130\nexit_to_user_mode_prepare+0xb6/0x100\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? syscall_exit_work+0x103/0x130\n? syscall_exit_to_user_mode+0x22/0x40\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\n? common_interrupt+0x43/0xa0\nentry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x1470abe3ec6b\nCode: Unable to access opcode bytes at RIP 0x1470abe3ec41.\nRSP: 002b:00007fff13ce9108 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: fffffffffffffffc RBX: 00007fff13ce9218 RCX: 00001470abe3ec6b\nRDX: 00007fff13ce9200 RSI: 00000000c0181b01 RDI: 0000000000000004\nRBP: 00007fff13ce91e0 R08: 0000558d9655da10 R09: 0000558d9655dd00\nR10: 00007fff13ce95c0 R11: 0000000000000246 R12: 00007fff13ce9358\nR13: 0000000000000013 R14: 0000558d9655db50 R15: 00007fff13ce9470\n\u003c/TASK\u003e\n--[ end trace 888a9b92e04c5c97 ]--", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: RDMA/qedr: Fix qedr_create_user_qp error flow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26743" }, { "category": "external", "summary": "RHBZ#2273262", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273262" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26743", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26743" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26743-6034@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26743-6034@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: RDMA/qedr: Fix qedr_create_user_qp error flow" }, { "cve": "CVE-2024-26744", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273260" } ], "notes": [ { "category": "description", "text": "A flaw was foundin the Linux Kernel when specifying the srpt_service_guid parameter, which may lead to kernel crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26744" }, { "category": "external", "summary": "RHBZ#2273260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26744", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26744" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26744", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26744" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26744-d344@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26744-d344@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter" }, { "cve": "CVE-2024-26779", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273223" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the mac80211 driver in the Linux kernel. This issue could lead to potential crashes or memory corruption due to of a situation where the driver attempts to utilize data structures that haven\u0027t been fully initialized yet.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: mac80211: fix race condition on enabling fast-xmit", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26779" }, { "category": "external", "summary": "RHBZ#2273223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273223" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26779", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26779", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26779" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040310-CVE-2024-26779-8030@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040310-CVE-2024-26779-8030@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: mac80211: fix race condition on enabling fast-xmit" }, { "cve": "CVE-2024-26872", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275707" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Do not register event handler until srpt device is fully setup\n\nUpon rare occasions, KASAN reports a use-after-free Write\nin srpt_refresh_port().\n\nThis seems to be because an event handler is registered before the\nsrpt device is fully setup and a race condition upon error may leave a\npartially setup event handler in place.\n\nInstead, only register the event handler after srpt device initialization\nis complete.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26872" }, { "category": "external", "summary": "RHBZ#2275707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26872", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26872" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26872", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26872" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26872-2d38@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26872-2d38@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup" }, { "cve": "CVE-2024-26892", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275666" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921e: fix use-after-free in free_irq()\n\nFrom commit a304e1b82808 (\"[PATCH] Debug shared irqs\"), there is a test\nto make sure the shared irq handler should be able to handle the unexpected\nevent after deregistration. For this case, let\u0027s apply MT76_REMOVED flag to\nindicate the device was removed and do not run into the resource access\nanymore.\n\nBUG: KASAN: use-after-free in mt7921_irq_handler+0xd8/0x100 [mt7921e]\nRead of size 8 at addr ffff88824a7d3b78 by task rmmod/11115\nCPU: 28 PID: 11115 Comm: rmmod Tainted: G W L 5.17.0 #10\nHardware name: Micro-Star International Co., Ltd. MS-7D73/MPG B650I\nEDGE WIFI (MS-7D73), BIOS 1.81 01/05/2024\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6f/0xa0\n print_address_description.constprop.0+0x1f/0x190\n ? mt7921_irq_handler+0xd8/0x100 [mt7921e]\n ? mt7921_irq_handler+0xd8/0x100 [mt7921e]\n kasan_report.cold+0x7f/0x11b\n ? mt7921_irq_handler+0xd8/0x100 [mt7921e]\n mt7921_irq_handler+0xd8/0x100 [mt7921e]\n free_irq+0x627/0xaa0\n devm_free_irq+0x94/0xd0\n ? devm_request_any_context_irq+0x160/0x160\n ? kobject_put+0x18d/0x4a0\n mt7921_pci_remove+0x153/0x190 [mt7921e]\n pci_device_remove+0xa2/0x1d0\n __device_release_driver+0x346/0x6e0\n driver_detach+0x1ef/0x2c0\n bus_remove_driver+0xe7/0x2d0\n ? __check_object_size+0x57/0x310\n pci_unregister_driver+0x26/0x250\n __do_sys_delete_module+0x307/0x510\n ? free_module+0x6a0/0x6a0\n ? fpregs_assert_state_consistent+0x4b/0xb0\n ? rcu_read_lock_sched_held+0x10/0x70\n ? syscall_enter_from_user_mode+0x20/0x70\n ? trace_hardirqs_on+0x1c/0x130\n do_syscall_64+0x5c/0x80\n ? trace_hardirqs_on_prepare+0x72/0x160\n ? do_syscall_64+0x68/0x80\n ? trace_hardirqs_on_prepare+0x72/0x160\n entry_SYSCALL_64_after_hwframe+0x44/0xae", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26892" }, { "category": "external", "summary": "RHBZ#2275666", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275666" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26892", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26892" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26892", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26892" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041743-CVE-2024-26892-809e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041743-CVE-2024-26892-809e@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq()" }, { "cve": "CVE-2024-26897", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275655" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9k_htc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events. The problem occurs because the device is exposed to the USB subsystem before the ath9k driver finishes initializing critical data structures.\nThis can lead to NULL pointer dereferences, which cause system crashes, particularly when running specific commands or handling events during WiFi operations. A partial fix had been applied earlier to prevent one aspect of this issue, but further problems were identified. The final resolution was to delay all event handling in the ath9k_wmi_event_tasklet() function until initialization is fully complete, ensuring stability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26897" }, { "category": "external", "summary": "RHBZ#2275655", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275655" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26897", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26897" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26897", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26897" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041744-CVE-2024-26897-5382@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041744-CVE-2024-26897-5382@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete" }, { "cve": "CVE-2024-26901", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275645" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26901" }, { "category": "external", "summary": "RHBZ#2275645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26901", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26901", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26901" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26901-34e7@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26901-34e7@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak" }, { "cve": "CVE-2024-26919", "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275777" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: Fix debugfs directory leak\n\nThe ULPI per-device debugfs root is named after the ulpi device\u0027s\nparent, but ulpi_unregister_interface tries to remove a debugfs\ndirectory named after the ulpi device itself. This results in the\ndirectory sticking around and preventing subsequent (deferred) probes\nfrom succeeding. Change the directory name to match the ulpi device.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: ulpi: Fix debugfs directory leak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26919" }, { "category": "external", "summary": "RHBZ#2275777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26919", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26919" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26919", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26919" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26919-5100@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26919-5100@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: usb: ulpi: Fix debugfs directory leak" }, { "cve": "CVE-2024-26933", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278240" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in port \"disable\" sysfs attribute\n\nThe show and store callback routines for the \"disable\" sysfs attribute\nfile in port.c acquire the device lock for the port\u0027s parent hub\ndevice. This can cause problems if another process has locked the hub\nto remove it or change its configuration:\n\n\tRemoving the hub or changing its configuration requires the\n\thub interface to be removed, which requires the port device\n\tto be removed, and device_del() waits until all outstanding\n\tsysfs attribute callbacks for the ports have returned. The\n\tlock can\u0027t be released until then.\n\n\tBut the disable_show() or disable_store() routine can\u0027t return\n\tuntil after it has acquired the lock.\n\nThe resulting deadlock can be avoided by calling\nsysfs_break_active_protection(). This will cause the sysfs core not\nto wait for the attribute\u0027s callback routine to return, allowing the\nremoval to proceed. The disadvantage is that after making this call,\nthere is no guarantee that the hub structure won\u0027t be deallocated at\nany moment. To prevent this, we have to acquire a reference to it\nfirst by calling hub_get().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: USB: core: Fix deadlock in port \u0026#34;disable\u0026#34; sysfs attribute", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26933" }, { "category": "external", "summary": "RHBZ#2278240", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278240" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26933", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26933" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26933", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26933" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26933-c18d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26933-c18d@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: USB: core: Fix deadlock in port \u0026#34;disable\u0026#34; sysfs attribute" }, { "cve": "CVE-2024-26934", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278237" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: USB: core: Fix deadlock in usb_deauthorize_interface()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26934" }, { "category": "external", "summary": "RHBZ#2278237", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278237" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26934", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26934", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26934" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26934-e2fc@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050123-CVE-2024-26934-e2fc@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: USB: core: Fix deadlock in usb_deauthorize_interface()" }, { "cve": "CVE-2024-26964", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278169" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Add error handling in xhci_map_urb_for_dma\n\nCurrently xhci_map_urb_for_dma() creates a temporary buffer and copies\nthe SG list to the new linear buffer. But if the kzalloc_node() fails,\nthen the following sg_pcopy_to_buffer() can lead to crash since it\ntries to memcpy to NULL pointer.\n\nSo return -ENOMEM if kzalloc returns null pointer.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26964" }, { "category": "external", "summary": "RHBZ#2278169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26964", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26964" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26964", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26964" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-26964-54c8@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: usb: xhci: Add error handling in xhci_map_urb_for_dma" }, { "cve": "CVE-2024-26973", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278356" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fat: fix uninitialized field in nostale filehandles", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26973" }, { "category": "external", "summary": "RHBZ#2278356", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278356" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26973", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26973", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26973" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26973-54a3@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-26973-54a3@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: fat: fix uninitialized field in nostale filehandles" }, { "cve": "CVE-2024-26993", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278314" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26993" }, { "category": "external", "summary": "RHBZ#2278314", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278314" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26993", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26993" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()" }, { "cve": "CVE-2024-27014", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278268" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linus Kernel. A potential deadlock can occur while disabling aRFS in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/mlx5e: Prevent deadlock while disabling aRFS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27014" }, { "category": "external", "summary": "RHBZ#2278268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278268" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27014", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27014" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27014", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27014" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27014-d2dc@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27014-d2dc@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/mlx5e: Prevent deadlock while disabling aRFS" }, { "cve": "CVE-2024-27048", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278431" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s Wi-Fi cfg80211.c driver, where a lack of proper checks can result in a NULL pointer dereference. This issue occurs when the brcmf_pmksa_v3_op() function attempts to call malloc (), but the physical memory has run out. In this situation, kzalloc() will return NULL, which the function does not check before using it in the corresponding value pmk_op., possibly leading to system instability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: brcm80211: handle pmk_op allocation failure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27048" }, { "category": "external", "summary": "RHBZ#2278431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278431" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27048", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27048" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27048", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27048" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050114-CVE-2024-27048-016f@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: brcm80211: handle pmk_op allocation failure" }, { "cve": "CVE-2024-27052", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278417" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s net rtl8xxxu_core.c driver, where a race condition can lead to a use-after-free situation in the rtl8xxxu_stop() function. This occurs when the workqueue is still running but the driver has been stopped and can lead to c2hcmd_work attempting to access memory that has been freed. This issue can lead to memory corruption or crashes.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27052" }, { "category": "external", "summary": "RHBZ#2278417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278417" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27052", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27052", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27052" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27052-fb6d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27052-fb6d@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work" }, { "cve": "CVE-2024-27056", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278409" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s iwlwifi driver for Intel wireless devices. This issue occurs when the system attempts to sync the TX queue for an offloading TID during resume, but the queue is not allocated if no packets have been sent on TID 0.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27056" }, { "category": "external", "summary": "RHBZ#2278409", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278409" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27056", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27056" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27056", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27056" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27056-98c0@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050115-CVE-2024-27056-98c0@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: iwlwifi: mvm: ensure offloading TID queue exists" }, { "cve": "CVE-2024-27059", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278398" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27059" }, { "category": "external", "summary": "RHBZ#2278398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27059", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27059" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27059", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27059" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27059-baaa@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27059-baaa@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-06-05T10:05:30+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:3627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.5.1.rt7.346.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.