rhsa-2024_5067
Vulnerability from csaf_redhat
Published
2024-08-07 00:14
Modified
2024-11-06 07:26
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458)
* kernel: ext4: regenerate buddy after block freeing failed if under fc replay (CVE-2024-26601)
* kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop] (CVE-2023-52635)
* kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737)
* kernel: bnxt: prevent skb UAF after handing over to PTP worker (CVE-2022-48637)
* kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CVE-2024-26947)
* kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer (CVE-2024-26930)
* kernel: nouveau: lock the client object tree. (CVE-2024-27062)
* kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030)
* kernel: vt: fix unicode buffer corruption when deleting characters (CVE-2024-35823)
* kernel: netfilter: validate user input for expected length (CVE-2024-35896)
* kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885)
* kernel: netfilter: complete validation of user input (CVE-2024-35962)
* kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809)
* kernel: i40e: fix vf may be used uninitialized in this function warning (CVE-2024-36020)
* kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CVE-2024-36017)
* kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs (CVE-2024-36929)
* kernel: drm/vmwgfx: Fix invalid reads in fence signaled events (CVE-2024-36960)
* kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (CVE-2024-33621)
* kernel: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (CVE-2024-38384)
* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)
* kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned (CVE-2023-52458)\n\n* kernel: ext4: regenerate buddy after block freeing failed if under fc replay (CVE-2024-26601)\n\n* kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop] (CVE-2023-52635)\n\n* kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (CVE-2024-26737)\n\n* kernel: bnxt: prevent skb UAF after handing over to PTP worker (CVE-2022-48637)\n\n* kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CVE-2024-26947)\n\n* kernel: scsi: qla2xxx: Fix double free of the ha-\u0026gt;vp_map pointer (CVE-2024-26930)\n\n* kernel: nouveau: lock the client object tree. (CVE-2024-27062)\n\n* kernel: octeontx2-af: Use separate handlers for interrupts (CVE-2024-27030)\n\n* kernel: vt: fix unicode buffer corruption when deleting characters (CVE-2024-35823)\n\n* kernel: netfilter: validate user input for expected length (CVE-2024-35896)\n\n* kernel: mlxbf_gige: stop interface during shutdown (CVE-2024-35885)\n\n* kernel: netfilter: complete validation of user input (CVE-2024-35962)\n\n* kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (CVE-2023-52809)\n\n* kernel: i40e: fix vf may be used uninitialized in this function warning (CVE-2024-36020)\n\n* kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CVE-2024-36017)\n\n* kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs (CVE-2024-36929)\n\n* kernel: drm/vmwgfx: Fix invalid reads in fence signaled events (CVE-2024-36960)\n\n* kernel: ipvlan: Dont Use skb-\u0026gt;sk in ipvlan_process_v{4,6}_outbound (CVE-2024-33621)\n\n* kernel: blk-cgroup: fix list corruption from reorder of WRITE -\u0026gt;lqueued (CVE-2024-38384)\n\n* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)\n\n* kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:5067", "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2265794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265794" }, { "category": "external", "summary": "2265836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265836" }, { "category": "external", "summary": "2272808", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272808" }, { "category": "external", "summary": "2273274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273274" }, { "category": "external", "summary": "2277831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277831" }, { "category": "external", "summary": "2278167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278167" }, { "category": "external", "summary": "2278248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278248" }, { "category": "external", "summary": "2278387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278387" }, { "category": "external", "summary": "2278473", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278473" }, { "category": "external", "summary": "2281190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281190" }, { "category": "external", "summary": "2281675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281675" }, { "category": "external", "summary": "2281700", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281700" }, { "category": "external", "summary": "2281916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281916" }, { "category": "external", "summary": "2282669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282669" }, { "category": "external", "summary": "2284400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284400" }, { "category": "external", "summary": "2284417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284417" }, { "category": "external", "summary": "2284496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284496" }, { "category": "external", "summary": "2290408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290408" }, { "category": "external", "summary": "2293657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293657" }, { "category": "external", "summary": "2294220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294220" }, { "category": "external", "summary": "2294225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294225" }, { "category": "external", "summary": "2297730", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297730" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5067.json" } ], "title": "Red Hat Security Advisory: kernel-rt security update", "tracking": { "current_release_date": "2024-11-06T07:26:42+00:00", "generator": { "date": "2024-11-06T07:26:42+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:5067", "initial_release_date": "2024-08-07T00:14:42+00:00", "revision_history": [ { "date": "2024-08-07T00:14:42+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-08-07T00:14:42+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T07:26:42+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "product": { "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "product_id": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.77.1.rt14.362.el9_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.77.1.rt14.362.el9_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src" }, "product_reference": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src" }, "product_reference": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-48637", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-04-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2277831" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt: prevent skb UAF after handing over to PTP worker\n\nWhen reading the timestamp is required bnxt_tx_int() hands\nover the ownership of the completed skb to the PTP worker.\nThe skb should not be used afterwards, as the worker may\nrun before the rest of our code and free the skb, leading\nto a use-after-free.\n\nSince dev_kfree_skb_any() accepts NULL make the loss of\nownership more obvious and set skb to NULL.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bnxt: prevent skb UAF after handing over to PTP worker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48637" }, { "category": "external", "summary": "RHBZ#2277831", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277831" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48637", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48637" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48637", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48637" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024042855-CVE-2022-48637-d149@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024042855-CVE-2022-48637-d149@gregkh/T" } ], "release_date": "2024-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: bnxt: prevent skb UAF after handing over to PTP worker" }, { "cve": "CVE-2023-52458", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265794" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s block subsystem, where a NULL pointer dereference occurs if partitions are created or resized with a size that is not a multiple of the logical block size. This flaw allows a privileged attacker to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this vulnerability is considered Low because the affected code requires system administration privileges to exploit.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52458" }, { "category": "external", "summary": "RHBZ#2265794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265794" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52458", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52458" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52458", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52458" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022332-CVE-2023-52458-d1cd@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022332-CVE-2023-52458-d1cd@gregkh/T/#u" } ], "release_date": "2024-02-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned" }, { "cve": "CVE-2023-52635", "cwe": { "id": "CWE-414", "name": "Missing Lock Check" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272808" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel resulting from race conditions and a lack of synchronization in handling the delayed work timers in the devfreq component. This issue can lead to inconsistencies and a corruption of the timer list.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop]", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 8 is not affected by this vulnerability, as the default configuration does not set CONFIG_PM_DEVFREQ.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52635" }, { "category": "external", "summary": "RHBZ#2272808", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272808" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52635", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52635" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52635", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52635" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2023-52635-8b18@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040219-CVE-2023-52635-8b18@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop]" }, { "cve": "CVE-2023-52809", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282669" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52809" }, { "category": "external", "summary": "RHBZ#2282669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282669" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52809", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52809" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52809", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52809" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52809-f07c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52809-f07c@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()" }, { "cve": "CVE-2023-52885", "discovery_date": "2024-07-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2297730" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix UAF in svc_tcp_listen_data_ready()\n\nAfter the listener svc_sock is freed, and before invoking svc_tcp_accept()\nfor the established child sock, there is a window that the newsock\nretaining a freed listener svc_sock in sk_user_data which cloning from\nparent. In the race window, if data is received on the newsock, we will\nobserve use-after-free report in svc_tcp_listen_data_ready().\n\nReproduce by two tasks:\n\n1. while :; do rpc.nfsd 0 ; rpc.nfsd; done\n2. while :; do echo \"\" | ncat -4 127.0.0.1 2049 ; done\n\nKASAN report:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc]\n Read of size 8 at addr ffff888139d96228 by task nc/102553\n CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18\n Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x33/0x50\n print_address_description.constprop.0+0x27/0x310\n print_report+0x3e/0x70\n kasan_report+0xae/0xe0\n svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc]\n tcp_data_queue+0x9f4/0x20e0\n tcp_rcv_established+0x666/0x1f60\n tcp_v4_do_rcv+0x51c/0x850\n tcp_v4_rcv+0x23fc/0x2e80\n ip_protocol_deliver_rcu+0x62/0x300\n ip_local_deliver_finish+0x267/0x350\n ip_local_deliver+0x18b/0x2d0\n ip_rcv+0x2fb/0x370\n __netif_receive_skb_one_core+0x166/0x1b0\n process_backlog+0x24c/0x5e0\n __napi_poll+0xa2/0x500\n net_rx_action+0x854/0xc90\n __do_softirq+0x1bb/0x5de\n do_softirq+0xcb/0x100\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n ...\n \u003c/TASK\u003e\n\n Allocated by task 102371:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_kmalloc+0x7b/0x90\n svc_setup_socket+0x52/0x4f0 [sunrpc]\n svc_addsock+0x20d/0x400 [sunrpc]\n __write_ports_addfd+0x209/0x390 [nfsd]\n write_ports+0x239/0x2c0 [nfsd]\n nfsctl_transaction_write+0xac/0x110 [nfsd]\n vfs_write+0x1c3/0xae0\n ksys_write+0xed/0x1c0\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\n Freed by task 102551:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x2a/0x50\n __kasan_slab_free+0x106/0x190\n __kmem_cache_free+0x133/0x270\n svc_xprt_free+0x1e2/0x350 [sunrpc]\n svc_xprt_destroy_all+0x25a/0x440 [sunrpc]\n nfsd_put+0x125/0x240 [nfsd]\n nfsd_svc+0x2cb/0x3c0 [nfsd]\n write_threads+0x1ac/0x2a0 [nfsd]\n nfsctl_transaction_write+0xac/0x110 [nfsd]\n vfs_write+0x1c3/0xae0\n ksys_write+0xed/0x1c0\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nFix the UAF by simply doing nothing in svc_tcp_listen_data_ready()\nif state != TCP_LISTEN, that will avoid dereferencing svsk for all\nchild socket.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready()", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as a moderate severity due to its potential to disrupt service through crashes where the use-after-free allows for exploitation under specific conditions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52885" }, { "category": "external", "summary": "RHBZ#2297730", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297730" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52885", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52885" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071432-CVE-2023-52885-e934@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071432-CVE-2023-52885-e934@gregkh/T" } ], "release_date": "2024-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready()" }, { "cve": "CVE-2024-26601", "cwe": { "id": "CWE-118", "name": "Incorrect Access of Indexable Resource (\u0027Range Error\u0027)" }, "discovery_date": "2024-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265836" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem related to the fast commit replay process. During this process, blocks that are already marked as free can be incorrectly marked as free again, leading to the corruption of the buddy bitmap, which is used to track free and allocated blocks. This corruption can result in filesystem inconsistencies and potential data loss. The issue is resolved by reintroducing the mb_regenerate_buddy() function, which regenerates the buddy bitmap to ensure its integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: regenerate buddy after block freeing failed if under fc replay", "title": "Vulnerability summary" }, { "category": "other", "text": "CVE-2024-26601 is considered a Moderate severity issue because its impact is limited to specific conditions during the fast commit replay process of the ext4 filesystem. The vulnerability involves the marking of already free blocks as free, which leads to buddy bitmap corruption. However, this scenario is relatively rare and typically occurs only under certain workload patterns. Additionally, the corruption affects internal filesystem metadata rather than user data directly, reducing the immediate risk of data loss or system compromise. The issue can be mitigated by regenerating the buddy bitmap, and standard filesystem integrity checks and recovery procedures can often address any inconsistencies that arise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26601" }, { "category": "external", "summary": "RHBZ#2265836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265836" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26601", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26601" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26601", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26601" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022411-CVE-2024-26601-b6ac@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022411-CVE-2024-26601-b6ac@gregkh/T/#u" } ], "release_date": "2024-02-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ext4: regenerate buddy after block freeing failed if under fc replay" }, { "cve": "CVE-2024-26737", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273274" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s BPF functionality. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26737" }, { "category": "external", "summary": "RHBZ#2273274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26737", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26737" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040359-CVE-2024-26737-a9c3@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040359-CVE-2024-26737-a9c3@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel" }, { "cve": "CVE-2024-26930", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278248" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel. A potential double-free in the pointer ha-\u003evp_map exists in the Linux kernel in drivers/scsi/qla2xxx/qla_os.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: scsi: qla2xxx: Fix double free of the ha-\u0026gt;vp_map pointer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26930" }, { "category": "external", "summary": "RHBZ#2278248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278248" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26930", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26930" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26930", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26930" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2024-26930-4f3e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2024-26930-4f3e@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: scsi: qla2xxx: Fix double free of the ha-\u0026gt;vp_map pointer" }, { "cve": "CVE-2024-26947", "cwe": { "id": "CWE-439", "name": "Behavioral Change in New Version or Environment" }, "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278167" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s ARM memory management functionality, where certain memory layouts cause a kernel panic. This flaw allows an attacker who can specify or alter memory layouts to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26947" }, { "category": "external", "summary": "RHBZ#2278167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26947", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26947" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26947", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26947" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26947-c9b8@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050126-CVE-2024-26947-c9b8@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses" }, { "cve": "CVE-2024-27030", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278473" } ], "notes": [ { "category": "description", "text": "A race condition vulnerability was found in the Linux kernel. When AF and PF interrupts are raised at the same time in the CPU, two cores serve same event, corrupting the data.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: octeontx2-af: race condition on interupts", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27030" }, { "category": "external", "summary": "RHBZ#2278473", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278473" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27030", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27030" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27030", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27030" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27030-d75a@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27030-d75a@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: octeontx2-af: race condition on interupts" }, { "cve": "CVE-2024-27062", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278387" } ], "notes": [ { "category": "description", "text": "A flaw was found in the nouveau module in the Linux kernel. A missing resource lock can cause a race condition and trigger a general protection fault, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nouveau: lock the client object tree.", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27062" }, { "category": "external", "summary": "RHBZ#2278387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278387" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27062", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27062" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27062", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27062" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27062-3291@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050130-CVE-2024-27062-3291@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: nouveau: lock the client object tree." }, { "cve": "CVE-2024-33621", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293657" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Dont Use skb-\u003esk in ipvlan_process_v{4,6}_outbound\n\nRaw packet from PF_PACKET socket ontop of an IPv6-backed ipvlan device will\nhit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path.\n\nWARNING: CPU: 2 PID: 0 at net/core/sock.c:775 sk_mc_loop+0x2d/0x70\nModules linked in: sch_netem ipvlan rfkill cirrus drm_shmem_helper sg drm_kms_helper\nCPU: 2 PID: 0 Comm: swapper/2 Kdump: loaded Not tainted 6.9.0+ #279\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:sk_mc_loop+0x2d/0x70\nCode: fa 0f 1f 44 00 00 65 0f b7 15 f7 96 a3 4f 31 c0 66 85 d2 75 26 48 85 ff 74 1c\nRSP: 0018:ffffa9584015cd78 EFLAGS: 00010212\nRAX: 0000000000000011 RBX: ffff91e585793e00 RCX: 0000000002c6a001\nRDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff91e589c0f000\nRBP: ffff91e5855bd100 R08: 0000000000000000 R09: 3d00545216f43d00\nR10: ffff91e584fdcc50 R11: 00000060dd8616f4 R12: ffff91e58132d000\nR13: ffff91e584fdcc68 R14: ffff91e5869ce800 R15: ffff91e589c0f000\nFS: 0000000000000000(0000) GS:ffff91e898100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f788f7c44c0 CR3: 0000000008e1a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cIRQ\u003e\n ? __warn (kernel/panic.c:693)\n ? sk_mc_loop (net/core/sock.c:760)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:239)\n ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? sk_mc_loop (net/core/sock.c:760)\n ip6_finish_output2 (net/ipv6/ip6_output.c:83 (discriminator 1))\n ? nf_hook_slow (net/netfilter/core.c:626)\n ip6_finish_output (net/ipv6/ip6_output.c:222)\n ? __pfx_ip6_finish_output (net/ipv6/ip6_output.c:215)\n ipvlan_xmit_mode_l3 (drivers/net/ipvlan/ipvlan_core.c:602) ipvlan\n ipvlan_start_xmit (drivers/net/ipvlan/ipvlan_main.c:226) ipvlan\n dev_hard_start_xmit (net/core/dev.c:3594)\n sch_direct_xmit (net/sched/sch_generic.c:343)\n __qdisc_run (net/sched/sch_generic.c:416)\n net_tx_action (net/core/dev.c:5286)\n handle_softirqs (kernel/softirq.c:555)\n __irq_exit_rcu (kernel/softirq.c:589)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043)\n\nThe warning triggers as this:\npacket_sendmsg\n packet_snd //skb-\u003esk is packet sk\n __dev_queue_xmit\n __dev_xmit_skb //q-\u003eenqueue is not NULL\n __qdisc_run\n sch_direct_xmit\n dev_hard_start_xmit\n ipvlan_start_xmit\n ipvlan_xmit_mode_l3 //l3 mode\n ipvlan_process_outbound //vepa flag\n ipvlan_process_v6_outbound\n ip6_local_out\n __ip6_finish_output\n ip6_finish_output2 //multicast packet\n sk_mc_loop //sk-\u003esk_family is AF_PACKET\n\nCall ip{6}_local_out() with NULL sk in ipvlan as other tunnels to fix this.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipvlan: Dont Use skb-\u0026gt;sk in ipvlan_process_v{4,6}_outbound", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-33621" }, { "category": "external", "summary": "RHBZ#2293657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293657" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-33621", "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33621", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33621" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-33621-d3a6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-33621-d3a6@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ipvlan: Dont Use skb-\u0026gt;sk in ipvlan_process_v{4,6}_outbound" }, { "cve": "CVE-2024-35823", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281190" } ], "notes": [ { "category": "description", "text": "A vulnerability as found in the Linux kernel\u2019s virtual terminal (VT) subsystem, which could lead to unicode buffer corruption when deleting characters. This issue arises from improper handling of unicode data, which can corrupt memory or lead to unintended behavior.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: vt: fix unicode buffer corruption when deleting characters", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35823" }, { "category": "external", "summary": "RHBZ#2281190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281190" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35823", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35823" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35823", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35823" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051745-CVE-2024-35823-1e69@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051745-CVE-2024-35823-1e69@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: vt: fix unicode buffer corruption when deleting characters" }, { "cve": "CVE-2024-35885", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281700" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: stop interface during shutdown\n\nThe mlxbf_gige driver intermittantly encounters a NULL pointer\nexception while the system is shutting down via \"reboot\" command.\nThe mlxbf_driver will experience an exception right after executing\nits shutdown() method. One example of this exception is:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004\n CM = 0, WnR = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000011d373000\n[0000000000000070] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 96000004 [#1] SMP\nCPU: 0 PID: 13 Comm: ksoftirqd/0 Tainted: G S OE 5.15.0-bf.6.gef6992a #1\nHardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.0.2.12669 Apr 21 2023\npstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\nlr : mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\nsp : ffff8000080d3c10\nx29: ffff8000080d3c10 x28: ffffcce72cbb7000 x27: ffff8000080d3d58\nx26: ffff0000814e7340 x25: ffff331cd1a05000 x24: ffffcce72c4ea008\nx23: ffff0000814e4b40 x22: ffff0000814e4d10 x21: ffff0000814e4128\nx20: 0000000000000000 x19: ffff0000814e4a80 x18: ffffffffffffffff\nx17: 000000000000001c x16: ffffcce72b4553f4 x15: ffff80008805b8a7\nx14: 0000000000000000 x13: 0000000000000030 x12: 0101010101010101\nx11: 7f7f7f7f7f7f7f7f x10: c2ac898b17576267 x9 : ffffcce720fa5404\nx8 : ffff000080812138 x7 : 0000000000002e9a x6 : 0000000000000080\nx5 : ffff00008de3b000 x4 : 0000000000000000 x3 : 0000000000000001\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\n mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\n __napi_poll+0x40/0x1c8\n net_rx_action+0x314/0x3a0\n __do_softirq+0x128/0x334\n run_ksoftirqd+0x54/0x6c\n smpboot_thread_fn+0x14c/0x190\n kthread+0x10c/0x110\n ret_from_fork+0x10/0x20\nCode: 8b070000 f9000ea0 f95056c0 f86178a1 (b9407002)\n---[ end trace 7cc3941aa0d8e6a4 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt\nKernel Offset: 0x4ce722520000 from 0xffff800008000000\nPHYS_OFFSET: 0x80000000\nCPU features: 0x000005c1,a3330e5a\nMemory Limit: none\n---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nDuring system shutdown, the mlxbf_gige driver\u0027s shutdown() is always executed.\nHowever, the driver\u0027s stop() method will only execute if networking interface\nconfiguration logic within the Linux distribution has been setup to do so.\n\nIf shutdown() executes but stop() does not execute, NAPI remains enabled\nand this can lead to an exception if NAPI is scheduled while the hardware\ninterface has only been partially deinitialized.\n\nThe networking interface managed by the mlxbf_gige driver must be properly\nstopped during system shutdown so that IFF_UP is cleared, the hardware\ninterface is put into a clean state, and NAPI is fully deinitialized.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mlxbf_gige: stop interface during shutdown", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35885" }, { "category": "external", "summary": "RHBZ#2281700", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281700" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35885", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35885" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051946-CVE-2024-35885-ce9c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051946-CVE-2024-35885-ce9c@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mlxbf_gige: stop interface during shutdown" }, { "cve": "CVE-2024-35896", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281675" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003c/TASK\u003e\n\nAllocated by task 7238:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:4069 [inline]\n __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n kmalloc_noprof include/linux/slab.h:664 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: validate user input for expected length", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35896" }, { "category": "external", "summary": "RHBZ#2281675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281675" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35896", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35896" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051950-CVE-2024-35896-e6b5@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051950-CVE-2024-35896-e6b5@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: validate user input for expected length" }, { "cve": "CVE-2024-35962", "discovery_date": "2024-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281916" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: complete validation of user input\n\nIn my recent commit, I missed that do_replace() handlers\nuse copy_from_sockptr() (which I fixed), followed\nby unsafe copy_from_sockptr_offset() calls.\n\nIn all functions, we can perform the @optlen validation\nbefore even calling xt_alloc_table_info() with the following\ncheck:\n\nif ((u64)optlen \u003c (u64)tmp.size + sizeof(tmp))\n return -EINVAL;", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: complete validation of user input", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35962" }, { "category": "external", "summary": "RHBZ#2281916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281916" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35962", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35962" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35962", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35962" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052020-CVE-2024-35962-e5ce@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052020-CVE-2024-35962-e5ce@gregkh/T" } ], "release_date": "2024-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: complete validation of user input" }, { "cve": "CVE-2024-36017", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284417" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation", "title": "Vulnerability summary" }, { "category": "other", "text": "Only out of boundary read for some specific condition with precondition could be (that impossible to trigger without privileges for access).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36017" }, { "category": "external", "summary": "RHBZ#2284417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284417" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36017", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36017", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36017" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053015-CVE-2024-36017-bf96@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053015-CVE-2024-36017-bf96@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation" }, { "cve": "CVE-2024-36020", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284400" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s Ethernet Controller XL710 family driver. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i40e: fix vf may be used uninitialized in this function warning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36020" }, { "category": "external", "summary": "RHBZ#2284400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284400" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36020", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36020" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36020", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36020" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" }, { "category": "workaround", "details": "To mitigate this issue, prevent the i40e module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to prevent it from loading automatically.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: i40e: fix vf may be used uninitialized in this function warning" }, { "cve": "CVE-2024-36929", "cwe": { "id": "CWE-822", "name": "Untrusted Pointer Dereference" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284496" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: core: reject skb_copy(_expand) for fraglist GSO skbs\n\nSKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become\ninvalid. Return NULL if such an skb is passed to skb_copy or\nskb_copy_expand, in order to prevent a crash on a potential later\ncall to skb_gso_segment.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36929" }, { "category": "external", "summary": "RHBZ#2284496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36929", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36929" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs" }, { "cve": "CVE-2024-36960", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-06-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2290408" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat\u0027s actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: Fix invalid reads in fence signaled events", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36960" }, { "category": "external", "summary": "RHBZ#2290408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290408" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36960", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36960", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36960" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/T" } ], "release_date": "2024-06-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/vmwgfx: Fix invalid reads in fence signaled events" }, { "cve": "CVE-2024-38384", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-06-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2294220" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued\n\n__blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start\nis being executed.\n\nIf WRITE of `-\u003elqueued` is re-ordered with READ of \u0027bisc-\u003elnode.next\u0027 in\nthe loop of __blkcg_rstat_flush(), `next_bisc` can be assigned with one\nstat instance being added in blk_cgroup_bio_start(), then the local\nlist in __blkcg_rstat_flush() could be corrupted.\n\nFix the issue by adding one barrier.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: blk-cgroup: fix list corruption from reorder of WRITE -\u0026gt;lqueued", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38384" }, { "category": "external", "summary": "RHBZ#2294220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38384", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38384" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062455-CVE-2024-38384-47e5@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062455-CVE-2024-38384-47e5@gregkh/T" } ], "release_date": "2024-06-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: blk-cgroup: fix list corruption from reorder of WRITE -\u0026gt;lqueued" }, { "cve": "CVE-2024-38663", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "discovery_date": "2024-06-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2294225" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix list corruption from resetting io stat\n\nSince commit 3b8cc6298724 (\"blk-cgroup: Optimize blkcg_rstat_flush()\"),\neach iostat instance is added to blkcg percpu list, so blkcg_reset_stats()\ncan\u0027t reset the stat instance by memset(), otherwise the llist may be\ncorrupted.\n\nFix the issue by only resetting the counter part.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: blk-cgroup: fix list corruption from resetting io stat", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38663" }, { "category": "external", "summary": "RHBZ#2294225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294225" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38663", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38663" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062457-CVE-2024-38663-a1bc@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062457-CVE-2024-38663-a1bc@gregkh/T" } ], "release_date": "2024-06-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T00:14:42+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5067" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.77.1.rt14.362.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: blk-cgroup: fix list corruption from resetting io stat" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.