rhsa-2024_5102
Vulnerability from csaf_redhat
Published
2024-08-08 04:44
Modified
2024-09-18 19:44
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)
* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)
* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)
* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)
* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)
* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)
* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)
* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)
* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)
* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)
* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)
* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)
* kernel: crash due to a missing check for leb_size (CVE-2024-25739)
* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)
* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)
* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)
* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)
* kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (CVE-2024-27434)
* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)
* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)
* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)
* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)
* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)
* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)
* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)
* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)
* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)
* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)
* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)
* (CVE-2023-52832)
* (CVE-2023-52803)
* (CVE-2023-52756)
* (CVE-2023-52834)
* (CVE-2023-52791)
* (CVE-2023-52764)
* (CVE-2021-47468)
* (CVE-2021-47284)
* (CVE-2024-36025)
* (CVE-2024-36941)
* (CVE-2024-36940)
* (CVE-2024-36904)
* (CVE-2024-36896)
* (CVE-2024-36954)
* (CVE-2024-36950)
* (CVE-2024-38575)
* (CVE-2024-36917)
* (CVE-2024-36016)
* (CVE-2023-52762)
* (CVE-2024-27025)
* (CVE-2021-47548)
* (CVE-2023-52619)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)\n\n* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)\n\n* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)\n\n* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)\n\n* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)\n\n* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)\n\n* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)\n\n* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)\n\n* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)\n\n* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)\n\n* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)\n\n* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)\n\n* kernel: dyndbg: fix old BUG_ON in \u0026gt;control parser (CVE-2024-35947)\n\n* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)\n\n* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)\n\n* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)\n\n* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)\n\n* kernel: Revert \"net/mlx5: Block entering switchdev mode with ns inconsistency\" (CVE-2023-52658)\n\n* kernel: crash due to a missing check for leb_size (CVE-2024-25739)\n\n* kernel: tcp: make sure init the accept_queue\u0026#39;s spinlocks once (CVE-2024-26614)\n\n* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)\n\n* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)\n\n* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)\n\n* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)\n\n* kernel: wifi: iwlwifi: mvm: don\u0026#39;t set the MFP flag for the GTK (CVE-2024-27434)\n\n* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)\n\n* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)\n\n* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)\n\n* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)\n\n* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)\n\n* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)\n\n* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)\n\n* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)\n\n* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)\n\n* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)\n\n* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)\n\n* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)\n\n* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)\n\n* (CVE-2023-52832)\n* (CVE-2023-52803)\n* (CVE-2023-52756)\n* (CVE-2023-52834)\n* (CVE-2023-52791)\n* (CVE-2023-52764)\n* (CVE-2021-47468)\n* (CVE-2021-47284)\n* (CVE-2024-36025)\n* (CVE-2024-36941)\n* (CVE-2024-36940)\n* (CVE-2024-36904)\n* (CVE-2024-36896)\n* (CVE-2024-36954)\n* (CVE-2024-36950)\n* (CVE-2024-38575)\n* (CVE-2024-36917)\n* (CVE-2024-36016)\n* (CVE-2023-52762)\n* (CVE-2024-27025)\n* (CVE-2021-47548)\n* (CVE-2023-52619)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:5102", "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2263879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263879" }, { "category": "external", "summary": "2265645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265645" }, { "category": "external", "summary": "2265797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265797" }, { "category": "external", "summary": "2266341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266341" }, { "category": "external", "summary": "2266347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266347" }, { "category": "external", "summary": "2266497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266497" }, { "category": "external", "summary": "2267787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267787" }, { "category": "external", "summary": "2268118", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268118" }, { "category": "external", "summary": "2269070", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269070" }, { "category": "external", "summary": "2269211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269211" }, { "category": "external", "summary": "2270084", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270084" }, { "category": "external", "summary": "2270100", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270100" }, { "category": "external", "summary": "2271686", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271686" }, { "category": "external", "summary": "2271688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271688" }, { "category": "external", "summary": "2272782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272782" }, { "category": "external", "summary": "2272795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272795" }, { "category": "external", "summary": "2273109", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273109" }, { "category": "external", "summary": "2273174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273174" }, { "category": "external", "summary": "2273236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273236" }, { "category": "external", "summary": "2273242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273242" }, { "category": "external", "summary": "2273247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273247" }, { "category": "external", "summary": "2273268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273268" }, { "category": "external", "summary": "2273427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273427" }, { "category": "external", "summary": "2273654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273654" }, { "category": "external", "summary": "2275565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275565" }, { "category": "external", "summary": "2275573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275573" }, { "category": "external", "summary": "2275580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275580" }, { "category": "external", "summary": "2275694", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275694" }, { "category": "external", "summary": "2275711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275711" }, { "category": "external", "summary": "2275748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275748" }, { "category": "external", "summary": "2275761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275761" }, { "category": "external", "summary": "2275928", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275928" }, { "category": "external", "summary": "2277166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277166" }, { "category": "external", "summary": "2277238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277238" }, { "category": "external", "summary": "2277840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277840" }, { "category": "external", "summary": "2278176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278176" }, { "category": "external", "summary": "2278178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278178" }, { "category": "external", "summary": "2278182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278182" }, { "category": "external", "summary": "2278218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278218" }, { "category": "external", "summary": "2278256", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278256" }, { "category": "external", "summary": "2278258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278258" }, { "category": "external", "summary": "2278277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278277" }, { "category": "external", "summary": "2278279", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278279" }, { "category": "external", "summary": "2278380", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278380" }, { "category": "external", "summary": "2278484", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278484" }, { "category": "external", "summary": "2278515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278515" }, { "category": "external", "summary": "2278535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278535" }, { "category": "external", "summary": "2278539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278539" }, { "category": "external", "summary": "2278989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278989" }, { "category": "external", "summary": "2280440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280440" }, { "category": "external", "summary": "2281054", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281054" }, { "category": "external", "summary": "2281133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281133" }, { "category": "external", "summary": "2281149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281149" }, { "category": "external", "summary": "2281207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281207" }, { "category": "external", "summary": "2281215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281215" }, { "category": "external", "summary": "2281221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281221" }, { "category": "external", "summary": "2281235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281235" }, { "category": "external", "summary": "2281268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281268" }, { "category": "external", "summary": "2281326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281326" }, { "category": "external", "summary": "2281360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281360" }, { "category": "external", "summary": "2281510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281510" }, { "category": "external", "summary": "2281519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281519" }, { "category": "external", "summary": "2281636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281636" }, { "category": "external", "summary": "2281641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281641" }, { "category": "external", "summary": "2281664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281664" }, { "category": "external", "summary": "2281667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281667" }, { "category": "external", "summary": "2281672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281672" }, { "category": "external", "summary": "2281675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281675" }, { "category": "external", "summary": "2281682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281682" }, { "category": "external", "summary": "2281725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281725" }, { "category": "external", "summary": "2281752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281752" }, { "category": "external", "summary": "2281758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281758" }, { "category": "external", "summary": "2281819", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281819" }, { "category": "external", "summary": "2281821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281821" }, { "category": "external", "summary": "2281833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281833" }, { "category": "external", "summary": "2281938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281938" }, { "category": "external", "summary": "2281949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281949" }, { "category": "external", "summary": "2281968", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281968" }, { "category": "external", "summary": "2281989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281989" }, { "category": "external", "summary": "2282328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282328" }, { "category": "external", "summary": "2282373", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282373" }, { "category": "external", "summary": "2282479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282479" }, { "category": "external", "summary": "2282553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282553" }, { "category": "external", "summary": "2282615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282615" }, { "category": "external", "summary": "2282623", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282623" }, { "category": "external", "summary": "2282640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282640" }, { "category": "external", "summary": "2282642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282642" }, { "category": "external", "summary": "2282645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282645" }, { "category": "external", "summary": "2282717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282717" }, { "category": "external", "summary": "2282719", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282719" }, { "category": "external", "summary": "2282727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282727" }, { "category": "external", "summary": "2282742", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282742" }, { "category": "external", "summary": "2282743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282743" }, { "category": "external", "summary": "2282744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282744" }, { "category": "external", "summary": "2282759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282759" }, { "category": "external", "summary": "2282763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282763" }, { "category": "external", "summary": "2282766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282766" }, { "category": "external", "summary": "2282772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282772" }, { "category": "external", "summary": "2282780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282780" }, { "category": "external", "summary": "2282887", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282887" }, { "category": "external", "summary": "2282896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282896" }, { "category": "external", "summary": "2282923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282923" }, { "category": "external", "summary": "2282925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282925" }, { "category": "external", "summary": "2282950", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282950" }, { "category": "external", "summary": "2283401", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283401" }, { "category": "external", "summary": "2283894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283894" }, { "category": "external", "summary": "2284400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284400" }, { "category": "external", "summary": "2284417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284417" }, { "category": "external", "summary": "2284421", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284421" }, { "category": "external", "summary": "2284474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284474" }, { "category": "external", "summary": "2284477", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284477" }, { "category": "external", "summary": "2284488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284488" }, { "category": "external", "summary": "2284496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284496" }, { "category": "external", "summary": "2284500", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284500" }, { "category": "external", "summary": "2284513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284513" }, { "category": "external", "summary": "2284519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284519" }, { "category": "external", "summary": "2284539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284539" }, { "category": "external", "summary": "2284541", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284541" }, { "category": "external", "summary": "2284556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284556" }, { "category": "external", "summary": "2284571", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284571" }, { "category": "external", "summary": "2284590", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284590" }, { "category": "external", "summary": "2284625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284625" }, { "category": "external", "summary": "2290408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290408" }, { "category": "external", "summary": "2292331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331" }, { "category": "external", "summary": "2293078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293078" }, { "category": "external", "summary": "2293250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293250" }, { "category": "external", "summary": "2293276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293276" }, { "category": "external", "summary": "2293312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293312" }, { "category": "external", "summary": "2293316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293316" }, { "category": "external", "summary": "2293348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293348" }, { "category": "external", "summary": "2293371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293371" }, { "category": "external", "summary": "2293383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293383" }, { "category": "external", "summary": "2293418", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293418" }, { "category": "external", "summary": "2293420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293420" }, { "category": "external", "summary": "2293444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293444" }, { "category": "external", "summary": "2293461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293461" }, { "category": "external", "summary": "2293653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293653" }, { "category": "external", "summary": "2293657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293657" }, { "category": "external", "summary": "2293684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293684" }, { "category": "external", "summary": "2293687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293687" }, { "category": "external", "summary": "2293700", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293700" }, { "category": "external", "summary": "2293711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293711" }, { "category": "external", "summary": "2294274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294274" }, { "category": "external", "summary": "2295914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295914" }, { "category": "external", "summary": "2296067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296067" }, { "category": "external", "summary": "2297056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297056" }, { "category": "external", "summary": "2297474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474" }, { "category": "external", "summary": "2297511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297511" }, { "category": "external", "summary": "2298108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298108" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5102.json" } ], "title": "Red Hat Security Advisory: kernel-rt security update", "tracking": { "current_release_date": "2024-09-18T19:44:22+00:00", "generator": { "date": "2024-09-18T19:44:22+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2024:5102", "initial_release_date": "2024-08-08T04:44:11+00:00", "revision_history": [ { "date": "2024-08-08T04:44:11+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-08-08T04:44:11+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-18T19:44:22+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux NFV (v. 8)", "product": { "name": "Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux RT (v. 8)", "product": { "name": "Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "product": { "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "product_id": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.16.1.rt7.357.el8_10?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.16.1.rt7.357.el8_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)", "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src" }, "product_reference": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)", "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-46939", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "discovery_date": "2024-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266497" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Restructure trace_clock_global() to never block\n\nIt was reported that a fix to the ring buffer recursion detection would\ncause a hung machine when performing suspend / resume testing. The\nfollowing backtrace was extracted from debugging that case:\n\nCall Trace:\n trace_clock_global+0x91/0xa0\n __rb_reserve_next+0x237/0x460\n ring_buffer_lock_reserve+0x12a/0x3f0\n trace_buffer_lock_reserve+0x10/0x50\n __trace_graph_return+0x1f/0x80\n trace_graph_return+0xb7/0xf0\n ? trace_clock_global+0x91/0xa0\n ftrace_return_to_handler+0x8b/0xf0\n ? pv_hash+0xa0/0xa0\n return_to_handler+0x15/0x30\n ? ftrace_graph_caller+0xa0/0xa0\n ? trace_clock_global+0x91/0xa0\n ? __rb_reserve_next+0x237/0x460\n ? ring_buffer_lock_reserve+0x12a/0x3f0\n ? trace_event_buffer_lock_reserve+0x3c/0x120\n ? trace_event_buffer_reserve+0x6b/0xc0\n ? trace_event_raw_event_device_pm_callback_start+0x125/0x2d0\n ? dpm_run_callback+0x3b/0xc0\n ? pm_ops_is_empty+0x50/0x50\n ? platform_get_irq_byname_optional+0x90/0x90\n ? trace_device_pm_callback_start+0x82/0xd0\n ? dpm_run_callback+0x49/0xc0\n\nWith the following RIP:\n\nRIP: 0010:native_queued_spin_lock_slowpath+0x69/0x200\n\nSince the fix to the recursion detection would allow a single recursion to\nhappen while tracing, this lead to the trace_clock_global() taking a spin\nlock and then trying to take it again:\n\nring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* lock taken */\n (something else gets traced by function graph tracer)\n ring_buffer_lock_reserve() {\n trace_clock_global() {\n arch_spin_lock() {\n queued_spin_lock_slowpath() {\n /* DEAD LOCK! */\n\nTracing should *never* block, as it can lead to strange lockups like the\nabove.\n\nRestructure the trace_clock_global() code to instead of simply taking a\nlock to update the recorded \"prev_time\" simply use it, as two events\nhappening on two different CPUs that calls this at the same time, really\ndoesn\u0027t matter which one goes first. Use a trylock to grab the lock for\nupdating the prev_time, and if it fails, simply try again the next time.\nIf it failed to be taken, that means something else is already updating\nit.\n\n\nBugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=212761", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tracing: Restructure trace_clock_global() to never block", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-46939" }, { "category": "external", "summary": "RHBZ#2266497", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266497" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-46939", "url": "https://www.cve.org/CVERecord?id=CVE-2021-46939" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-46939", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46939" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-4-gregkh@linuxfoundation.org/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/20240227184057.2368370-4-gregkh@linuxfoundation.org/T/#u" } ], "release_date": "2024-02-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tracing: Restructure trace_clock_global() to never block" }, { "cve": "CVE-2021-47257", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282553" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: fix null deref in parse dev addr\n\nFix a logic error that could result in a null deref if the user sets\nthe mode incorrectly for the given addr type.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: ieee802154: fix null deref in parse dev addr", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47257" }, { "category": "external", "summary": "RHBZ#2282553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47257", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47257" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47257", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47257" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47257-1d1c@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: ieee802154: fix null deref in parse dev addr" }, { "cve": "CVE-2021-47284", "cwe": { "id": "CWE-590", "name": "Free of Memory not on the Heap" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282923" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: netjet: Fix crash in nj_probe:\n\n\u0027nj_setup\u0027 in netjet.c might fail with -EIO and in this case\n\u0027card-\u003eirq\u0027 is initialized and is bigger than zero. A subsequent call to\n\u0027nj_release\u0027 will free the irq that has not been requested.\n\nFix this bug by deleting the previous assignment to \u0027card-\u003eirq\u0027 and just\nkeep the assignment before \u0027request_irq\u0027.\n\nThe KASAN\u0027s log reveals it:\n\n[ 3.354615 ] WARNING: CPU: 0 PID: 1 at kernel/irq/manage.c:1826\nfree_irq+0x100/0x480\n[ 3.355112 ] Modules linked in:\n[ 3.355310 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.355816 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.356552 ] RIP: 0010:free_irq+0x100/0x480\n[ 3.356820 ] Code: 6e 08 74 6f 4d 89 f4 e8 5e ac 09 00 4d 8b 74 24 18\n4d 85 f6 75 e3 e8 4f ac 09 00 8b 75 c8 48 c7 c7 78 c1 2e 85 e8 e0 cf f5\nff \u003c0f\u003e 0b 48 8b 75 c0 4c 89 ff e8 72 33 0b 03 48 8b 43 40 4c 8b a0 80\n[ 3.358012 ] RSP: 0000:ffffc90000017b48 EFLAGS: 00010082\n[ 3.358357 ] RAX: 0000000000000000 RBX: ffff888104dc8000 RCX:\n0000000000000000\n[ 3.358814 ] RDX: ffff8881003c8000 RSI: ffffffff8124a9e6 RDI:\n00000000ffffffff\n[ 3.359272 ] RBP: ffffc90000017b88 R08: 0000000000000000 R09:\n0000000000000000\n[ 3.359732 ] R10: ffffc900000179f0 R11: 0000000000001d04 R12:\n0000000000000000\n[ 3.360195 ] R13: ffff888107dc6000 R14: ffff888107dc6928 R15:\nffff888104dc80a8\n[ 3.360652 ] FS: 0000000000000000(0000) GS:ffff88817bc00000(0000)\nknlGS:0000000000000000\n[ 3.361170 ] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.361538 ] CR2: 0000000000000000 CR3: 000000000582e000 CR4:\n00000000000006f0\n[ 3.362003 ] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 3.362175 ] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] nj_release+0x51/0x1e0\n[ 3.362175 ] nj_probe+0x450/0x950\n[ 3.362175 ] ? pci_device_remove+0x110/0x110\n[ 3.362175 ] local_pci_probe+0x45/0xa0\n[ 3.362175 ] pci_device_probe+0x12b/0x1d0\n[ 3.362175 ] really_probe+0x2a9/0x610\n[ 3.362175 ] driver_probe_device+0x90/0x1d0\n[ 3.362175 ] ? mutex_lock_nested+0x1b/0x20\n[ 3.362175 ] device_driver_attach+0x68/0x70\n[ 3.362175 ] __driver_attach+0x124/0x1b0\n[ 3.362175 ] ? device_driver_attach+0x70/0x70\n[ 3.362175 ] bus_for_each_dev+0xbb/0x110\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] driver_attach+0x27/0x30\n[ 3.362175 ] bus_add_driver+0x1eb/0x2a0\n[ 3.362175 ] driver_register+0xa9/0x180\n[ 3.362175 ] __pci_register_driver+0x82/0x90\n[ 3.362175 ] ? w6692_init+0x38/0x38\n[ 3.362175 ] nj_init+0x36/0x38\n[ 3.362175 ] do_one_initcall+0x7f/0x3d0\n[ 3.362175 ] ? rdinit_setup+0x45/0x45\n[ 3.362175 ] ? rcu_read_lock_sched_held+0x4f/0x80\n[ 3.362175 ] kernel_init_freeable+0x2aa/0x301\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] kernel_init+0x18/0x190\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ? rest_init+0x2c0/0x2c0\n[ 3.362175 ] ret_from_fork+0x1f/0x30\n[ 3.362175 ] Kernel panic - not syncing: panic_on_warn set ...\n[ 3.362175 ] CPU: 0 PID: 1 Comm: swapper/0 Not tainted\n5.13.0-rc1-00144-g25a1298726e #13\n[ 3.362175 ] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\nrel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 3.362175 ] Call Trace:\n[ 3.362175 ] dump_stack+0xba/0xf5\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] panic+0x15a/0x3f2\n[ 3.362175 ] ? __warn+0xf2/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] __warn+0x108/0x150\n[ 3.362175 ] ? free_irq+0x100/0x480\n[ 3.362175 ] report_bug+0x119/0x1c0\n[ 3.362175 ] handle_bug+0x3b/0x80\n[ 3.362175 ] exc_invalid_op+0x18/0x70\n[ 3.362175 ] asm_exc_invalid_op+0x12/0x20\n[ 3.362175 ] RIP: 0010:free_irq+0x100\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: isdn: mISDN: netjet: Fix crash in nj_probe", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47284" }, { "category": "external", "summary": "RHBZ#2282923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47284", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47284" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47284", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47284" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47284-c8f5@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2021-47284-c8f5@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: isdn: mISDN: netjet: Fix crash in nj_probe" }, { "cve": "CVE-2021-47304", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282479" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix tcp_init_transfer() to not reset icsk_ca_initialized\n\nThis commit fixes a bug (found by syzkaller) that could cause spurious\ndouble-initializations for congestion control modules, which could cause\nmemory leaks or other problems for congestion control modules (like CDG)\nthat allocate memory in their init functions.\n\nThe buggy scenario constructed by syzkaller was something like:\n\n(1) create a TCP socket\n(2) initiate a TFO connect via sendto()\n(3) while socket is in TCP_SYN_SENT, call setsockopt(TCP_CONGESTION),\n which calls:\n tcp_set_congestion_control() -\u003e\n tcp_reinit_congestion_control() -\u003e\n tcp_init_congestion_control()\n(4) receive ACK, connection is established, call tcp_init_transfer(),\n set icsk_ca_initialized=0 (without first calling cc-\u003erelease()),\n call tcp_init_congestion_control() again.\n\nNote that in this sequence tcp_init_congestion_control() is called\ntwice without a cc-\u003erelease() call in between. Thus, for CC modules\nthat allocate memory in their init() function, e.g, CDG, a memory leak\nmay occur. The syzkaller tool managed to find a reproducer that\ntriggered such a leak in CDG.\n\nThe bug was introduced when that commit 8919a9b31eb4 (\"tcp: Only init\ncongestion control if not initialized already\")\nintroduced icsk_ca_initialized and set icsk_ca_initialized to 0 in\ntcp_init_transfer(), missing the possibility for a sequence like the\none above, where a process could call setsockopt(TCP_CONGESTION) in\nstate TCP_SYN_SENT (i.e. after the connect() or TFO open sendmsg()),\nwhich would call tcp_init_congestion_control(). It did not intend to\nreset any initialization that the user had already explicitly made;\nit just missed the possibility of that particular sequence (which\nsyzkaller managed to find).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47304" }, { "category": "external", "summary": "RHBZ#2282479", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282479" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47304", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47304" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47304", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47304" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052126-CVE-2021-47304-fc16@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052126-CVE-2021-47304-fc16@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized" }, { "cve": "CVE-2021-47373", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282373" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Fix potential VPE leak on error\n\nIn its_vpe_irq_domain_alloc, when its_vpe_init() returns an error,\nthere is an off-by-one in the number of VPEs to be freed.\n\nFix it by simply passing the number of VPEs allocated, which is the\nindex of the loop iterating over the VPEs.\n\n[maz: fixed commit message]", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: irqchip/gic-v3-its: Fix potential VPE leak on error", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47373" }, { "category": "external", "summary": "RHBZ#2282373", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282373" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47373", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47373" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47373", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47373" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: irqchip/gic-v3-its: Fix potential VPE leak on error" }, { "cve": "CVE-2021-47408", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282328" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u2019s netfilter and conntrack module, occurring during the resizing and cleanup of hash tables used for connection tracking. The kernel\u0027s nf_ct_iterate_cleanup() function fails to efficiently handle simultaneous hash resizes and cleanups, leading to prolonged delays lead to unresponsive system behavior.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: conntrack: serialize hash resizes and cleanups", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as a moderate severity because it impacts on system availability rather than data security, affects system performance and responsiveness, particularly during cleanup operations under high load conditions", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47408" }, { "category": "external", "summary": "RHBZ#2282328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282328" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47408", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47408" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47408", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47408" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47408-ad88@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052151-CVE-2021-47408-ad88@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: conntrack: serialize hash resizes and cleanups" }, { "cve": "CVE-2021-47461", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-05-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282896" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: fix a race between writeprotect and exit_mmap()\n\nA race is possible when a process exits, its VMAs are removed by\nexit_mmap() and at the same time userfaultfd_writeprotect() is called.\n\nThe race was detected by KASAN on a development kernel, but it appears\nto be possible on vanilla kernels as well.\n\nUse mmget_not_zero() to prevent the race as done in other userfaultfd\noperations.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: userfaultfd: fix a race between writeprotect and exit_mmap()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47461" }, { "category": "external", "summary": "RHBZ#2282896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47461", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47461" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47461", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47461" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052225-CVE-2021-47461-a472@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052225-CVE-2021-47461-a472@gregkh/T" } ], "release_date": "2024-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: userfaultfd: fix a race between writeprotect and exit_mmap()" }, { "cve": "CVE-2021-47468", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-05-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282887" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: mISDN: Fix sleeping function called from invalid context\n\nThe driver can call card-\u003eisac.release() function from an atomic\ncontext.\n\nFix this by calling this function after releasing the lock.\n\nThe following log reveals it:\n\n[ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018\n[ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe\n[ 44.169574 ] INFO: lockdep is turned off.\n[ 44.169899 ] irq event stamp: 0\n[ 44.170160 ] hardirqs last enabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 44.170627 ] hardirqs last disabled at (0): [\u003cffffffff814209ed\u003e] copy_process+0x132d/0x3e00\n[ 44.171240 ] softirqs last enabled at (0): [\u003cffffffff81420a1a\u003e] copy_process+0x135a/0x3e00\n[ 44.171852 ] softirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 44.172318 ] Preemption disabled at:\n[ 44.172320 ] [\u003cffffffffa009b0a9\u003e] nj_release+0x69/0x500 [netjet]\n[ 44.174441 ] Call Trace:\n[ 44.174630 ] dump_stack_lvl+0xa8/0xd1\n[ 44.174912 ] dump_stack+0x15/0x17\n[ 44.175166 ] ___might_sleep+0x3a2/0x510\n[ 44.175459 ] ? nj_release+0x69/0x500 [netjet]\n[ 44.175791 ] __might_sleep+0x82/0xe0\n[ 44.176063 ] ? start_flush_work+0x20/0x7b0\n[ 44.176375 ] start_flush_work+0x33/0x7b0\n[ 44.176672 ] ? trace_irq_enable_rcuidle+0x85/0x170\n[ 44.177034 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177372 ] ? kasan_quarantine_put+0xaa/0x1f0\n[ 44.177711 ] __flush_work+0x11a/0x1a0\n[ 44.177991 ] ? flush_work+0x20/0x20\n[ 44.178257 ] ? lock_release+0x13c/0x8f0\n[ 44.178550 ] ? __kasan_check_write+0x14/0x20\n[ 44.178872 ] ? do_raw_spin_lock+0x148/0x360\n[ 44.179187 ] ? read_lock_is_recursive+0x20/0x20\n[ 44.179530 ] ? __kasan_check_read+0x11/0x20\n[ 44.179846 ] ? do_raw_spin_unlock+0x55/0x900\n[ 44.180168 ] ? ____kasan_slab_free+0x116/0x140\n[ 44.180505 ] ? _raw_spin_unlock_irqrestore+0x41/0x60\n[ 44.180878 ] ? skb_queue_purge+0x1a3/0x1c0\n[ 44.181189 ] ? kfree+0x13e/0x290\n[ 44.181438 ] flush_work+0x17/0x20\n[ 44.181695 ] mISDN_freedchannel+0xe8/0x100\n[ 44.182006 ] isac_release+0x210/0x260 [mISDNipac]\n[ 44.182366 ] nj_release+0xf6/0x500 [netjet]\n[ 44.182685 ] nj_remove+0x48/0x70 [netjet]\n[ 44.182989 ] pci_device_remove+0xa9/0x250", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: isdn: mISDN: Fix sleeping function called from invalid context", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47468" }, { "category": "external", "summary": "RHBZ#2282887", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282887" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47468", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47468" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47468", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47468" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052227-CVE-2021-47468-6c1b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052227-CVE-2021-47468-6c1b@gregkh/T" } ], "release_date": "2024-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: isdn: mISDN: Fix sleeping function called from invalid context" }, { "cve": "CVE-2021-47491", "cwe": { "id": "CWE-664", "name": "Improper Control of a Resource Through its Lifetime" }, "discovery_date": "2024-05-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282925" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: khugepaged: skip huge page collapse for special files\n\nThe read-only THP for filesystems will collapse THP for files opened\nreadonly and mapped with VM_EXEC. The intended usecase is to avoid TLB\nmisses for large text segments. But it doesn\u0027t restrict the file types\nso a THP could be collapsed for a non-regular file, for example, block\ndevice, if it is opened readonly and mapped with EXEC permission. This\nmay cause bugs, like [1] and [2].\n\nThis is definitely not the intended usecase, so just collapse THP for\nregular files in order to close the attack surface.\n\n[shy828301@gmail.com: fix vm_file check [3]]", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mm: khugepaged: skip huge page collapse for special files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47491" }, { "category": "external", "summary": "RHBZ#2282925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282925" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47491", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47491" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47491", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47491" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052241-CVE-2021-47491-437d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052241-CVE-2021-47491-437d@gregkh/T" } ], "release_date": "2024-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: mm: khugepaged: skip huge page collapse for special files" }, { "cve": "CVE-2021-47548", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2024-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2283401" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port \u003e= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev-\u003emac_cb[port]-\u003eport_rst_off;\n\nbecause the length of dsaf_dev-\u003emac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47548" }, { "category": "external", "summary": "RHBZ#2283401", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283401" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47548", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47548" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47548-e9c0@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47548-e9c0@gregkh/T" } ], "release_date": "2024-05-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()" }, { "cve": "CVE-2021-47579", "cwe": { "id": "CWE-457", "name": "Use of Uninitialized Variable" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293250" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix warning in ovl_create_real()\n\nSyzbot triggered the following warning in ovl_workdir_create() -\u003e\novl_create_real():\n\n\tif (!err \u0026\u0026 WARN_ON(!newdentry-\u003ed_inode)) {\n\nThe reason is that the cgroup2 filesystem returns from mkdir without\ninstantiating the new dentry.\n\nWeird filesystems such as this will be rejected by overlayfs at a later\nstage during setup, but to prevent such a warning, call ovl_mkdir_real()\ndirectly from ovl_workdir_create() and reject this case early.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ovl: fix warning in ovl_create_real()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47579" }, { "category": "external", "summary": "RHBZ#2293250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293250" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47579", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47579" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47579", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47579" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47579-4f78@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061915-CVE-2021-47579-4f78@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ovl: fix warning in ovl_create_real()" }, { "cve": "CVE-2021-47624", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298108" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change\n\nThe refcount leak issues take place in an error handling path. When the\n3rd argument buf doesn\u0027t match with \"offline\", \"online\" or \"remove\", the\nfunction simply returns -EINVAL and forgets to decrease the reference\ncount of a rpc_xprt object and a rpc_xprt_switch object increased by\nrpc_sysfs_xprt_kobj_get_xprt() and\nrpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of\nboth unused objects.\n\nFix this issue by jumping to the error handling path labelled with\nout_put when buf matches none of \"offline\", \"online\" or \"remove\".", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-47624" }, { "category": "external", "summary": "RHBZ#2298108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298108" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47624", "url": "https://www.cve.org/CVERecord?id=CVE-2021-47624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47624" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071646-CVE-2021-47624-86cd@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071646-CVE-2021-47624-86cd@gregkh/T" } ], "release_date": "2024-07-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change" }, { "cve": "CVE-2022-48632", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2024-04-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2277840" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48632" }, { "category": "external", "summary": "RHBZ#2277840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277840" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48632", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48632" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48632", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48632" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T" } ], "release_date": "2024-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()" }, { "cve": "CVE-2022-48743", "cwe": { "id": "CWE-124", "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)" }, "discovery_date": "2024-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293316" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: amd-xgbe: Fix skb data length underflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48743" }, { "category": "external", "summary": "RHBZ#2293316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293316" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48743", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48743" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48743-ee30@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48743-ee30@gregkh/T" } ], "release_date": "2024-06-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: amd-xgbe: Fix skb data length underflow" }, { "cve": "CVE-2022-48747", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293312" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix wrong offset in bio_truncate()\n\nbio_truncate() clears the buffer outside of last block of bdev, however\ncurrent bio_truncate() is using the wrong offset of page. So it can\nreturn the uninitialized data.\n\nThis happened when both of truncated/corrupted FS and userspace (via\nbdev) are trying to read the last of bdev.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: block: Fix wrong offset in bio_truncate()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48747" }, { "category": "external", "summary": "RHBZ#2293312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293312" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48747", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48747" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48747", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48747" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48747-c63f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062004-CVE-2022-48747-c63f@gregkh/T" } ], "release_date": "2024-06-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: block: Fix wrong offset in bio_truncate()" }, { "cve": "CVE-2022-48757", "cwe": { "id": "CWE-276", "name": "Incorrect Default Permissions" }, "discovery_date": "2024-06-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293383" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: fix information leakage in /proc/net/ptype", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48757" }, { "category": "external", "summary": "RHBZ#2293383", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293383" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48757", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48757" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48757", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48757" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48757-c816@gregkh/T" } ], "release_date": "2024-06-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: fix information leakage in /proc/net/ptype" }, { "cve": "CVE-2023-52463", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265797" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only (RO), it can be remounted as read-write (RW) without checking if the firmware can handle variable updates. This issue allows operations such as efi-updatevar to be executed, which leads to a crash due to a NULL pointer dereference. This crash occurs because the callback for SetVariable is not assigned, causing a level 0 translation fault.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: efivarfs: force RO when remounting if SetVariable is not supported", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is classified as Moderate severity because it requires specific conditions to be exploited: the system must be using a firmware that does not support the SetVariable function at runtime, and an attacker must have the ability to remount the efivarfs filesystem with read-write permissions. While it does not provide direct unauthorized access or code execution, the resulting crash from a NULL pointer dereference can cause denial of service, disrupting normal system operations. The impact is limited to systems with the specified firmware and does not affect systems where the SetVariable function is properly supported, reducing the overall exposure and potential damage.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52463" }, { "category": "external", "summary": "RHBZ#2265797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265797" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52463", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52463" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52463", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52463" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195@gregkh/T/#u" } ], "release_date": "2024-02-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: efivarfs: force RO when remounting if SetVariable is not supported" }, { "cve": "CVE-2023-52469", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266341" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in kv_parse_power_table in drivers/amd/pm in the Linux kernel. When ps equals NULL, kv_parse_power_table frees adev-\u003epm.dpm.ps. The adev-\u003epm.dpm.ps is used in the loop of kv_dpm_fini after its first free in kv_parse_power_table, causing a use-after-free problem.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in kv_parse_power_table", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52469" }, { "category": "external", "summary": "RHBZ#2266341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266341" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52469", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52469" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743", "url": "https://git.kernel.org/stable/c/28dd788382c43b330480f57cd34cde0840896743" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02", "url": "https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1cfafd02" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706", "url": "https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3", "url": "https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e", "url": "https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63", "url": "https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3", "url": "https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a", "url": "https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a" } ], "release_date": "2024-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in kv_parse_power_table" }, { "cve": "CVE-2023-52471", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-02-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266347" } ], "notes": [ { "category": "description", "text": "A null pointer dereference problem was found in ice_ptp.c in ice in the Linux Kernel. This issue occurs when devm_kasprintf() returns a pointer to dynamically allocated memory, which can be NULL upon failure.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: null pointer dereference issues in ice_ptp.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52471" }, { "category": "external", "summary": "RHBZ#2266347", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266347" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52471", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52471" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf", "url": "https://git.kernel.org/stable/c/3027e7b15b02d2d37e3f82d6b8404f6d37e3b8cf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695", "url": "https://git.kernel.org/stable/c/3cd9b9bee33f39f6c6d52360fe381b89a7b12695" } ], "release_date": "2024-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: null pointer dereference issues in ice_ptp.c" }, { "cve": "CVE-2023-52486", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269070" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A frame buffer can be freed while still in use in a specific situation in drivers/gpu/drm/drm_plane.c. This issue may compromise the availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm: Don\u0027t unref the same fb many times by mistake due to deadlock handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52486" }, { "category": "external", "summary": "RHBZ#2269070", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269070" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52486", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52486" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52486", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52486" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-27-lee@kernel.org/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-27-lee@kernel.org/T/#u" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm: Don\u0027t unref the same fb many times by mistake due to deadlock handling" }, { "cve": "CVE-2023-52530", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2267787" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found\u00a0in the Linux kernel\u2019s IEEE 802.11 networking stack implementation functionality, used by Wifi, in how a user triggers the error path of the ieee80211_gtk_rekey_add function. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: mac80211: fix potential key use-after-free", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 9 is not affected by this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52530" }, { "category": "external", "summary": "RHBZ#2267787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52530", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52530" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52530", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52530" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024030255-CVE-2023-52530-ebf0@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024030255-CVE-2023-52530-ebf0@gregkh/T/#u" } ], "release_date": "2024-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: mac80211: fix potential key use-after-free" }, { "cve": "CVE-2023-52619", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-03-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270084" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the pstore/ram component of the Linux kernel, which caused crashes when the number of CPU cores was set to an odd number. This issue occurs because the odd-numbered zones became misaligned. This flaw allows a local, authenticated attacker to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: pstore/ram: Fix crash when setting number of cpus to an odd number", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52619" }, { "category": "external", "summary": "RHBZ#2270084", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270084" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52619", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52619" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52619", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52619" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-9-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-9-lee@kernel.org/T" } ], "release_date": "2024-03-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: pstore/ram: Fix crash when setting number of cpus to an odd number" }, { "cve": "CVE-2023-52622", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "discovery_date": "2024-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2271688" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) \u2248 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: avoid online resizing failures due to oversized flex bg", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52622" }, { "category": "external", "summary": "RHBZ#2271688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271688" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52622", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52622" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52622", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52622" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-5-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-5-lee@kernel.org/T" } ], "release_date": "2024-03-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ext4: avoid online resizing failures due to oversized flex bg" }, { "cve": "CVE-2023-52623", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2271686" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix a suspicious RCU usage warning\n\nI received the following warning while running cthon against an ontap\nserver running pNFS:\n\n[ 57.202521] =============================\n[ 57.202522] WARNING: suspicious RCU usage\n[ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted\n[ 57.202525] -----------------------------\n[ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!!\n[ 57.202527]\n other info that might help us debug this:\n\n[ 57.202528]\n rcu_scheduler_active = 2, debug_locks = 1\n[ 57.202529] no locks held by test5/3567.\n[ 57.202530]\n stack backtrace:\n[ 57.202532] CPU: 0 PID: 3567 Comm: test5 Not tainted 6.7.0-rc3-g2cc14f52aeb7 #41492 5b09971b4965c0aceba19f3eea324a4a806e227e\n[ 57.202534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022\n[ 57.202536] Call Trace:\n[ 57.202537] \u003cTASK\u003e\n[ 57.202540] dump_stack_lvl+0x77/0xb0\n[ 57.202551] lockdep_rcu_suspicious+0x154/0x1a0\n[ 57.202556] rpc_xprt_switch_has_addr+0x17c/0x190 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202596] rpc_clnt_setup_test_and_add_xprt+0x50/0x180 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202621] ? rpc_clnt_add_xprt+0x254/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202646] rpc_clnt_add_xprt+0x27a/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202671] ? __pfx_rpc_clnt_setup_test_and_add_xprt+0x10/0x10 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202696] nfs4_pnfs_ds_connect+0x345/0x760 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202728] ? __pfx_nfs4_test_session_trunk+0x10/0x10 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202754] nfs4_fl_prepare_ds+0x75/0xc0 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a]\n[ 57.202760] filelayout_write_pagelist+0x4a/0x200 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a]\n[ 57.202765] pnfs_generic_pg_writepages+0xbe/0x230 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202788] __nfs_pageio_add_request+0x3fd/0x520 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202813] nfs_pageio_add_request+0x18b/0x390 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202831] nfs_do_writepage+0x116/0x1e0 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202849] nfs_writepages_callback+0x13/0x30 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202866] write_cache_pages+0x265/0x450\n[ 57.202870] ? __pfx_nfs_writepages_callback+0x10/0x10 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202891] nfs_writepages+0x141/0x230 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202913] do_writepages+0xd2/0x230\n[ 57.202917] ? filemap_fdatawrite_wbc+0x5c/0x80\n[ 57.202921] filemap_fdatawrite_wbc+0x67/0x80\n[ 57.202924] filemap_write_and_wait_range+0xd9/0x170\n[ 57.202930] nfs_wb_all+0x49/0x180 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202947] nfs4_file_flush+0x72/0xb0 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202969] __se_sys_close+0x46/0xd0\n[ 57.202972] do_syscall_64+0x68/0x100\n[ 57.202975] ? do_syscall_64+0x77/0x100\n[ 57.202976] ? do_syscall_64+0x77/0x100\n[ 57.202979] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 57.202982] RIP: 0033:0x7fe2b12e4a94\n[ 57.202985] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 18 0e 00 00 74 13 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 44 c3 0f 1f 00 48 83 ec 18 89 7c 24 0c e8 c3\n[ 57.202987] RSP: 002b:00007ffe857ddb38 EFLAGS: 00000202 ORIG_RAX: 0000000000000003\n[ 57.202989] RAX: ffffffffffffffda RBX: 00007ffe857dfd68 RCX: 00007fe2b12e4a94\n[ 57.202991] RDX: 0000000000002000 RSI: 00007ffe857ddc40 RDI: 0000000000000003\n[ 57.202992] RBP: 00007ffe857dfc50 R08: 7fffffffffffffff R09: 0000000065650f49\n[ 57.202993] R10: 00007f\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SUNRPC: Fix a suspicious RCU usage warning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52623" }, { "category": "external", "summary": "RHBZ#2271686", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271686" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52623", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52623" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52623", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52623" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-6-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-6-lee@kernel.org/T" } ], "release_date": "2024-03-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: SUNRPC: Fix a suspicious RCU usage warning" }, { "cve": "CVE-2023-52648", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278539" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Unmap the surface before resetting it on a plane state\n\nSwitch to a new plane state requires unreferencing of all held surfaces.\nIn the work required for mob cursors the mapped surfaces started being\ncached but the variable indicating whether the surface is currently\nmapped was not being reset. This leads to crashes as the duplicated\nstate, incorrectly, indicates the that surface is mapped even when\nno surface is present. That\u0027s because after unreferencing the surface\nit\u0027s perfectly possible for the plane to be backed by a bo instead of a\nsurface.\n\nReset the surface mapped flag when unreferencing the plane state surface\nto fix null derefs in cleanup. Fixes crashes in KDE KWin 6.0 on Wayland:\n\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 4 PID: 2533 Comm: kwin_wayland Not tainted 6.7.0-rc3-vmwgfx #2\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 \u003c48\u003e 8b 78 28 e8 e3 f\u003e\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143dc50 R08: 0000000000000000 R09: ffffb6b98216f920\nR10: 0000000000000003 R11: ffff969e7feb3b10 R12: 0000000000000000\nR13: 0000000000000000 R14: 000000000000027b R15: ffff969d49c9fc00\nFS: 00007f1e8f1b4180(0000) GS:ffff969e75f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000028 CR3: 0000000104006004 CR4: 00000000003706f0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\n drm_atomic_helper_cleanup_planes+0x9b/0xc0\n commit_tail+0xd1/0x130\n drm_atomic_helper_commit+0x11a/0x140\n drm_atomic_commit+0x97/0xd0\n ? __pfx___drm_printfn_info+0x10/0x10\n drm_atomic_helper_update_plane+0xf5/0x160\n drm_mode_cursor_universal+0x10e/0x270\n drm_mode_cursor_common+0x102/0x230\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n drm_ioctl_kernel+0xb2/0x110\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n ? __pfx_drm_ioctl+0x10/0x10\n vmw_generic_ioctl+0xa4/0x110 [vmwgfx]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x61/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? exc_page_fault+0x7f/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\nRIP: 0033:0x7f1e93f279ed\nCode: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 \u003c89\u003e c2 3d 00 f0 ff f\u003e\nRSP: 002b:00007ffca0faf600 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055db876ed2c0 RCX: 00007f1e93f279ed\nRDX: 00007ffca0faf6c0 RSI: 00000000c02464bb RDI: 0000000000000015\nRBP: 00007ffca0faf650 R08: 000055db87184010 R09: 0000000000000007\nR10: 000055db886471a0 R11: 0000000000000246 R12: 00007ffca0faf6c0\nR13: 00000000c02464bb R14: 0000000000000015 R15: 00007ffca0faf790\n \u003c/TASK\u003e\nModules linked in: snd_seq_dummy snd_hrtimer nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_ine\u003e\nCR2: 0000000000000028\n---[ end trace 0000000000000000 ]---\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 \u003c48\u003e 8b 78 28 e8 e3 f\u003e\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52648" }, { "category": "external", "summary": "RHBZ#2278539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278539" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52648", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52648" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52648", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52648" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2023-52648-4e0d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050122-CVE-2023-52648-4e0d@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state" }, { "cve": "CVE-2023-52653", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278515" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SUNRPC: fix a memleak in gss_import_v2_context", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52653" }, { "category": "external", "summary": "RHBZ#2278515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278515" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52653", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52653" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52653", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52653" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2023-52653-a5c2@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050131-CVE-2023-52653-a5c2@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: SUNRPC: fix a memleak in gss_import_v2_context" }, { "cve": "CVE-2023-52658", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281149" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"net/mlx5: Block entering switchdev mode with ns inconsistency\"\n\nThis reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b.\nThe revert is required due to the suspicion it is not good for anything\nand cause crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Revert \u0026#34;net/mlx5: Block entering switchdev mode with ns inconsistency\u0026#34;", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52658" }, { "category": "external", "summary": "RHBZ#2281149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281149" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52658", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52658" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52658", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52658" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051717-CVE-2023-52658-4c61@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051717-CVE-2023-52658-4c61@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Revert \u0026#34;net/mlx5: Block entering switchdev mode with ns inconsistency\u0026#34;" }, { "cve": "CVE-2023-52662", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281360" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node\n\nWhen ida_alloc_max fails, resources allocated before should be freed,\nincluding *res allocated by kmalloc and ttm_resource_init.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52662" }, { "category": "external", "summary": "RHBZ#2281360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281360" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52662", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52662" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52662", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52662" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2023-52662-1536@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2023-52662-1536@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node" }, { "cve": "CVE-2023-52679", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281326" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: Fix double free in of_parse_phandle_with_args_map\n\nIn of_parse_phandle_with_args_map() the inner loop that\niterates through the map entries calls of_node_put(new)\nto free the reference acquired by the previous iteration\nof the inner loop. This assumes that the value of \"new\" is\nNULL on the first iteration of the inner loop.\n\nMake sure that this is true in all iterations of the outer\nloop by setting \"new\" to NULL after its value is assigned to \"cur\".\n\nExtend the unittest to detect the double free and add an additional\ntest case that actually triggers this path.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: of: Fix double free in of_parse_phandle_with_args_map", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52679" }, { "category": "external", "summary": "RHBZ#2281326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281326" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52679", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52679" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52679", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52679" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52679-948f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051750-CVE-2023-52679-948f@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: of: Fix double free in of_parse_phandle_with_args_map" }, { "cve": "CVE-2023-52707", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282615" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/psi: Fix use-after-free in ep_remove_wait_queue()\n\nIf a non-root cgroup gets removed when there is a thread that registered\ntrigger and is polling on a pressure file within the cgroup, the polling\nwaitqueue gets freed in the following path:\n\n do_rmdir\n cgroup_rmdir\n kernfs_drain_open_files\n cgroup_file_release\n cgroup_pressure_release\n psi_trigger_destroy\n\nHowever, the polling thread still has a reference to the pressure file and\nwill access the freed waitqueue when the file is closed or upon exit:\n\n fput\n ep_eventpoll_release\n ep_free\n ep_remove_wait_queue\n remove_wait_queue\n\nThis results in use-after-free as pasted below.\n\nThe fundamental problem here is that cgroup_file_release() (and\nconsequently waitqueue\u0027s lifetime) is not tied to the file\u0027s real lifetime.\nUsing wake_up_pollfree() here might be less than ideal, but it is in line\nwith the comment at commit 42288cb44c4b (\"wait: add wake_up_pollfree()\")\nsince the waitqueue\u0027s lifetime is not tied to file\u0027s one and can be\nconsidered as another special case. While this would be fixable by somehow\nmaking cgroup_file_release() be tied to the fput(), it would require\nsizable refactoring at cgroups or higher layer which might be more\njustifiable if we identify more cases like this.\n\n BUG: KASAN: use-after-free in _raw_spin_lock_irqsave+0x60/0xc0\n Write of size 4 at addr ffff88810e625328 by task a.out/4404\n\n\tCPU: 19 PID: 4404 Comm: a.out Not tainted 6.2.0-rc6 #38\n\tHardware name: Amazon EC2 c5a.8xlarge/, BIOS 1.0 10/16/2017\n\tCall Trace:\n\t\u003cTASK\u003e\n\tdump_stack_lvl+0x73/0xa0\n\tprint_report+0x16c/0x4e0\n\tkasan_report+0xc3/0xf0\n\tkasan_check_range+0x2d2/0x310\n\t_raw_spin_lock_irqsave+0x60/0xc0\n\tremove_wait_queue+0x1a/0xa0\n\tep_free+0x12c/0x170\n\tep_eventpoll_release+0x26/0x30\n\t__fput+0x202/0x400\n\ttask_work_run+0x11d/0x170\n\tdo_exit+0x495/0x1130\n\tdo_group_exit+0x100/0x100\n\tget_signal+0xd67/0xde0\n\tarch_do_signal_or_restart+0x2a/0x2b0\n\texit_to_user_mode_prepare+0x94/0x100\n\tsyscall_exit_to_user_mode+0x20/0x40\n\tdo_syscall_64+0x52/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\t\u003c/TASK\u003e\n\n Allocated by task 4404:\n\n\tkasan_set_track+0x3d/0x60\n\t__kasan_kmalloc+0x85/0x90\n\tpsi_trigger_create+0x113/0x3e0\n\tpressure_write+0x146/0x2e0\n\tcgroup_file_write+0x11c/0x250\n\tkernfs_fop_write_iter+0x186/0x220\n\tvfs_write+0x3d8/0x5c0\n\tksys_write+0x90/0x110\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n Freed by task 4407:\n\n\tkasan_set_track+0x3d/0x60\n\tkasan_save_free_info+0x27/0x40\n\t____kasan_slab_free+0x11d/0x170\n\tslab_free_freelist_hook+0x87/0x150\n\t__kmem_cache_free+0xcb/0x180\n\tpsi_trigger_destroy+0x2e8/0x310\n\tcgroup_file_release+0x4f/0xb0\n\tkernfs_drain_open_files+0x165/0x1f0\n\tkernfs_drain+0x162/0x1a0\n\t__kernfs_remove+0x1fb/0x310\n\tkernfs_remove_by_name_ns+0x95/0xe0\n\tcgroup_addrm_files+0x67f/0x700\n\tcgroup_destroy_locked+0x283/0x3c0\n\tcgroup_rmdir+0x29/0x100\n\tkernfs_iop_rmdir+0xd1/0x140\n\tvfs_rmdir+0xfe/0x240\n\tdo_rmdir+0x13d/0x280\n\t__x64_sys_rmdir+0x2c/0x30\n\tdo_syscall_64+0x43/0x90\n\tentry_SYSCALL_64_after_hwframe+0x63/0xcd", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52707" }, { "category": "external", "summary": "RHBZ#2282615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52707", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52707" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52707", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52707" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52707-e048@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52707-e048@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: sched/psi: Fix use-after-free in ep_remove_wait_queue()" }, { "cve": "CVE-2023-52730", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282640" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mmc: sdio: fix possible resource leaks in some error paths", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52730" }, { "category": "external", "summary": "RHBZ#2282640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52730", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52730" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52730-1c8f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52730-1c8f@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: mmc: sdio: fix possible resource leaks in some error paths" }, { "cve": "CVE-2023-52756", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282742" } ], "notes": [ { "category": "description", "text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: pwm: Fix double shift bug", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52756" }, { "category": "external", "summary": "RHBZ#2282742", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282742" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52756", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52756" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52756", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52756" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52756-f694@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2023-52756-f694@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: pwm: Fix double shift bug" }, { "cve": "CVE-2023-52762", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282623" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: virtio-blk: fix implicit overflow on virtio_max_dma_size", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52762" }, { "category": "external", "summary": "RHBZ#2282623", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282623" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52762", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52762" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52762", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52762" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52762-fe90@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2023-52762-fe90@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: virtio-blk: fix implicit overflow on virtio_max_dma_size" }, { "cve": "CVE-2023-52764", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282780" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: media: gspca: cpia1: shift-out-of-bounds in set_flicker", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52764" }, { "category": "external", "summary": "RHBZ#2282780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282780" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52764", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52764" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52764-fa3b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052148-CVE-2023-52764-fa3b@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: media: gspca: cpia1: shift-out-of-bounds in set_flicker" }, { "cve": "CVE-2023-52777", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282642" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix gtk offload status event locking\n\nThe ath11k active pdevs are protected by RCU but the gtk offload status\nevent handling code calling ath11k_mac_get_arvif_by_vdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: ath11k: fix gtk offload status event locking", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52777" }, { "category": "external", "summary": "RHBZ#2282642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282642" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52777", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52777" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52777", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52777" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52777-2f32@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052152-CVE-2023-52777-2f32@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: wifi: ath11k: fix gtk offload status event locking" }, { "cve": "CVE-2023-52784", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282772" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bonding: stop the device in bond_setup_by_slave()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52784" }, { "category": "external", "summary": "RHBZ#2282772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52784", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52784" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52784", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52784" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52784-80ad@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052154-CVE-2023-52784-80ad@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: bonding: stop the device in bond_setup_by_slave()" }, { "cve": "CVE-2023-52791", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282763" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[ 12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58\n[ 13.001050] machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i2c: core: Run atomic i2c xfer when !preemptible", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52791" }, { "category": "external", "summary": "RHBZ#2282763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282763" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52791", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52791" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52791", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52791" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52791-f2b9@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052156-CVE-2023-52791-f2b9@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: i2c: core: Run atomic i2c xfer when !preemptible" }, { "cve": "CVE-2023-52796", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282766" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipvlan: add ipvlan_route_v6_outbound() helper", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52796" }, { "category": "external", "summary": "RHBZ#2282766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52796", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52796" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52796", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52796" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52796-860d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052158-CVE-2023-52796-860d@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ipvlan: add ipvlan_route_v6_outbound() helper" }, { "cve": "CVE-2023-52803", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282727" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52803" }, { "category": "external", "summary": "RHBZ#2282727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282727" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52803", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52803" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52803", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52803" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52803-1f43@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52803-1f43@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries" }, { "cve": "CVE-2023-52811", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282743" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52811" }, { "category": "external", "summary": "RHBZ#2282743", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282743" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52811", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52811" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52811", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52811" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52811-2a5f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052102-CVE-2023-52811-2a5f@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool" }, { "cve": "CVE-2023-52832", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282645" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: mac80211: don\u0026#39;t return unset power in ieee80211_get_tx_power()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52832" }, { "category": "external", "summary": "RHBZ#2282645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52832", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52832" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52832", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52832" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52832-b9d9@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052108-CVE-2023-52832-b9d9@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: mac80211: don\u0026#39;t return unset power in ieee80211_get_tx_power()" }, { "cve": "CVE-2023-52834", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282744" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: atl1c: Work around the DMA RX overflow issue", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52834" }, { "category": "external", "summary": "RHBZ#2282744", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282744" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52834", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52834" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52834", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52834" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52834-4c46@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052109-CVE-2023-52834-4c46@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: atl1c: Work around the DMA RX overflow issue" }, { "cve": "CVE-2023-52845", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282759" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52845" }, { "category": "external", "summary": "RHBZ#2282759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282759" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52845", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52845" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52845", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52845" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52845-0245@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052112-CVE-2023-52845-0245@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING" }, { "cve": "CVE-2023-52847", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282717" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer\n\nThere may be some a race condition between timer function\nbttv_irq_timeout and bttv_remove. The timer is setup in\nprobe and there is no timer_delete operation in remove\nfunction. When it hit kfree btv, the function might still be\ninvoked, which will cause use after free bug.\n\nThis bug is found by static analysis, it may be false positive.\n\nFix it by adding del_timer_sync invoking to the remove function.\n\ncpu0 cpu1\n bttv_probe\n -\u003etimer_setup\n -\u003ebttv_set_dma\n -\u003emod_timer;\nbttv_remove\n -\u003ekfree(btv);\n -\u003ebttv_irq_timeout\n -\u003eUSE btv", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: media: bttv: fix use after free error due to btv-\u003etimeout timer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52847" }, { "category": "external", "summary": "RHBZ#2282717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282717" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52847", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52847" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52847", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52847" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52847-a551@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052113-CVE-2023-52847-a551@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: media: bttv: fix use after free error due to btv-\u003etimeout timer" }, { "cve": "CVE-2023-52864", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-05-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282719" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: platform/x86: wmi: Fix opening of char device", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52864" }, { "category": "external", "summary": "RHBZ#2282719", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282719" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52864", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52864" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52864", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52864" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52864-15cd@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052118-CVE-2023-52864-15cd@gregkh/T" } ], "release_date": "2024-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: platform/x86: wmi: Fix opening of char device" }, { "cve": "CVE-2024-2201", "cwe": { "id": "CWE-1423", "name": "Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution" }, "discovery_date": "2023-11-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268118" } ], "notes": [ { "category": "description", "text": "A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: cpu: intel: Native Branch History Injection (BHI)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat has very limited visibility and control over binary blobs provided by third-party vendors. Red Hat relies heavily on the vendors to provide timely updates and information about included changes for this content and in most cases merely acts as a release vehicle between the third-party vendor and Red Hat customers with no possibility of influencing or even documenting the changes. Unless explicitly stated, the level of insight, oversight, and control Red Hat has does not meet the criteria required (in terms of Red Hat ownership of development processes, QA and documentation) for releasing this content as a RHSA. For more information please contact the binary content vendor.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-2201" }, { "category": "external", "summary": "RHBZ#2268118", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268118" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-2201", "url": "https://www.cve.org/CVERecord?id=CVE-2024-2201" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-2201", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2201" }, { "category": "external", "summary": "https://download.vusec.net/papers/inspectre_sec24.pdf", "url": "https://download.vusec.net/papers/inspectre_sec24.pdf" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2024/04/09/15", "url": "https://www.openwall.com/lists/oss-security/2024/04/09/15" }, { "category": "external", "summary": "https://www.vusec.net/projects/native-bhi/", "url": "https://www.vusec.net/projects/native-bhi/" } ], "release_date": "2024-04-09T04:30:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hw: cpu: intel: Native Branch History Injection (BHI)" }, { "cve": "CVE-2024-21823", "discovery_date": "2024-05-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278989" } ], "notes": [ { "category": "description", "text": "Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-21823" }, { "category": "external", "summary": "RHBZ#2278989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278989" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21823", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21823", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21823" } ], "release_date": "2024-05-14T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application" }, { "cve": "CVE-2024-25739", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "discovery_date": "2024-02-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2263879" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: crash due to a missing check for leb_size", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-25739" }, { "category": "external", "summary": "RHBZ#2263879", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263879" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-25739", "url": "https://www.cve.org/CVERecord?id=CVE-2024-25739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25739" } ], "release_date": "2024-02-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: crash due to a missing check for leb_size" }, { "cve": "CVE-2024-26586", "discovery_date": "2024-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265645" } ], "notes": [ { "category": "description", "text": "A kernel stack flaw that corrupted the Linux kernel\u2019s Mellanox Technologies Spectrum Ethernet driver was found when a user initialized more than 16 access control lists (ACLs). This flaw allows a local user\u00a0to crash or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26586" }, { "category": "external", "summary": "RHBZ#2265645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26586", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26586" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26586", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26586" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2024-26586-6632@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024022253-CVE-2024-26586-6632@gregkh/T/#u" } ], "release_date": "2024-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "To mitigate this issue, prevent the mlxsw_spectrum module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on blacklisting a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption" }, { "cve": "CVE-2024-26614", "cwe": { "id": "CWE-413", "name": "Improper Resource Locking" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269211" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue\u0027s spinlocks once\n\nWhen I run syz\u0027s reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff \u003c0f\u003e 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n\u003cIRQ\u003e\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n\u003c/IRQ\u003e\n\u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n\u003c/TASK\u003e\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: make sure init the accept_queue\u0026#39;s spinlocks once", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26614" }, { "category": "external", "summary": "RHBZ#2269211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26614", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26614" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26614", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26614" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-46-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-46-lee@kernel.org/T" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tcp: make sure init the accept_queue\u0026#39;s spinlocks once" }, { "cve": "CVE-2024-26640", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-03-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2270100" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: add sanity checks to rx zerocopy", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26640" }, { "category": "external", "summary": "RHBZ#2270100", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270100" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26640", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26640" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26640", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26640" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240318102117.2839904-11-lee@kernel.org/T" } ], "release_date": "2024-03-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tcp: add sanity checks to rx zerocopy" }, { "cve": "CVE-2024-26660", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272782" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the DRM/AMD/Display module of the Linux Kernel. An out-of-bounds access exists in the \u0027stream_enc_regs\u0027 array within DCN301, while accessing the array with \u0027eng_id,\u2019 could lead to an out-of-bounds access beyond its four-element size, which can cause a system crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26660" }, { "category": "external", "summary": "RHBZ#2272782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272782" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26660", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26660" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26660", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26660" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26660-3f40@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040222-CVE-2024-26660-3f40@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301" }, { "cve": "CVE-2024-26669", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2272795" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: flower: Fix chain template offload\n\nWhen a qdisc is deleted from a net device the stack instructs the\nunderlying driver to remove its flow offload callback from the\nassociated filter block using the \u0027FLOW_BLOCK_UNBIND\u0027 command. The stack\nthen continues to replay the removal of the filters in the block for\nthis driver by iterating over the chains in the block and invoking the\n\u0027reoffload\u0027 operation of the classifier being used. In turn, the\nclassifier in its \u0027reoffload\u0027 operation prepares and emits a\n\u0027FLOW_CLS_DESTROY\u0027 command for each filter.\n\nHowever, the stack does not do the same for chain templates and the\nunderlying driver never receives a \u0027FLOW_CLS_TMPLT_DESTROY\u0027 command when\na qdisc is deleted. This results in a memory leak [1] which can be\nreproduced using [2].\n\nFix by introducing a \u0027tmplt_reoffload\u0027 operation and have the stack\ninvoke it with the appropriate arguments as part of the replay.\nImplement the operation in the sole classifier that supports chain\ntemplates (flower) by emitting the \u0027FLOW_CLS_TMPLT_{CREATE,DESTROY}\u0027\ncommand based on whether a flow offload callback is being bound to a\nfilter block or being unbound from one.\n\nAs far as I can tell, the issue happens since cited commit which\nreordered tcf_block_offload_unbind() before tcf_block_flush_all_chains()\nin __tcf_block_put(). The order cannot be reversed as the filter block\nis expected to be freed after flushing all the chains.\n\n[1]\nunreferenced object 0xffff888107e28800 (size 2048):\n comm \"tc\", pid 1079, jiffies 4294958525 (age 3074.287s)\n hex dump (first 32 bytes):\n b1 a6 7c 11 81 88 ff ff e0 5b b3 10 81 88 ff ff ..|......[......\n 01 00 00 00 00 00 00 00 e0 aa b0 84 ff ff ff ff ................\n backtrace:\n [\u003cffffffff81c06a68\u003e] __kmem_cache_alloc_node+0x1e8/0x320\n [\u003cffffffff81ab374e\u003e] __kmalloc+0x4e/0x90\n [\u003cffffffff832aec6d\u003e] mlxsw_sp_acl_ruleset_get+0x34d/0x7a0\n [\u003cffffffff832bc195\u003e] mlxsw_sp_flower_tmplt_create+0x145/0x180\n [\u003cffffffff832b2e1a\u003e] mlxsw_sp_flow_block_cb+0x1ea/0x280\n [\u003cffffffff83a10613\u003e] tc_setup_cb_call+0x183/0x340\n [\u003cffffffff83a9f85a\u003e] fl_tmplt_create+0x3da/0x4c0\n [\u003cffffffff83a22435\u003e] tc_ctl_chain+0xa15/0x1170\n [\u003cffffffff838a863c\u003e] rtnetlink_rcv_msg+0x3cc/0xed0\n [\u003cffffffff83ac87f0\u003e] netlink_rcv_skb+0x170/0x440\n [\u003cffffffff83ac6270\u003e] netlink_unicast+0x540/0x820\n [\u003cffffffff83ac6e28\u003e] netlink_sendmsg+0x8d8/0xda0\n [\u003cffffffff83793def\u003e] ____sys_sendmsg+0x30f/0xa80\n [\u003cffffffff8379d29a\u003e] ___sys_sendmsg+0x13a/0x1e0\n [\u003cffffffff8379d50c\u003e] __sys_sendmsg+0x11c/0x1f0\n [\u003cffffffff843b9ce0\u003e] do_syscall_64+0x40/0xe0\nunreferenced object 0xffff88816d2c0400 (size 1024):\n comm \"tc\", pid 1079, jiffies 4294958525 (age 3074.287s)\n hex dump (first 32 bytes):\n 40 00 00 00 00 00 00 00 57 f6 38 be 00 00 00 00 @.......W.8.....\n 10 04 2c 6d 81 88 ff ff 10 04 2c 6d 81 88 ff ff ..,m......,m....\n backtrace:\n [\u003cffffffff81c06a68\u003e] __kmem_cache_alloc_node+0x1e8/0x320\n [\u003cffffffff81ab36c1\u003e] __kmalloc_node+0x51/0x90\n [\u003cffffffff81a8ed96\u003e] kvmalloc_node+0xa6/0x1f0\n [\u003cffffffff82827d03\u003e] bucket_table_alloc.isra.0+0x83/0x460\n [\u003cffffffff82828d2b\u003e] rhashtable_init+0x43b/0x7c0\n [\u003cffffffff832aed48\u003e] mlxsw_sp_acl_ruleset_get+0x428/0x7a0\n [\u003cffffffff832bc195\u003e] mlxsw_sp_flower_tmplt_create+0x145/0x180\n [\u003cffffffff832b2e1a\u003e] mlxsw_sp_flow_block_cb+0x1ea/0x280\n [\u003cffffffff83a10613\u003e] tc_setup_cb_call+0x183/0x340\n [\u003cffffffff83a9f85a\u003e] fl_tmplt_create+0x3da/0x4c0\n [\u003cffffffff83a22435\u003e] tc_ctl_chain+0xa15/0x1170\n [\u003cffffffff838a863c\u003e] rtnetlink_rcv_msg+0x3cc/0xed0\n [\u003cffffffff83ac87f0\u003e] netlink_rcv_skb+0x170/0x440\n [\u003cffffffff83ac6270\u003e] netlink_unicast+0x540/0x820\n [\u003cffffffff83ac6e28\u003e] netlink_sendmsg+0x8d8/0xda0\n [\u003cffffffff83793def\u003e] ____sys_sendmsg+0x30f/0xa80\n\n[2]\n # tc qdisc add dev swp1 clsact\n # tc chain add dev swp1 ingress proto ip chain 1 flower dst_ip 0.0.0.0/32\n # tc qdisc del dev\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sched: flower: Fix chain template offload", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26669" }, { "category": "external", "summary": "RHBZ#2272795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26669", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26669" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26669", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26669" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040237-CVE-2024-26669-ca3c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040237-CVE-2024-26669-ca3c@gregkh/T" } ], "release_date": "2024-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net/sched: flower: Fix chain template offload" }, { "cve": "CVE-2024-26686", "cwe": { "id": "CWE-413", "name": "Improper Resource Locking" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273109" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats\n\nlock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call\ndo_task_stat() at the same time and the process has NR_THREADS, it will\nspin with irqs disabled O(NR_CPUS * NR_THREADS) time.\n\nChange do_task_stat() to use sig-\u003estats_lock to gather the statistics\noutside of -\u003esiglock protected section, in the likely case this code will\nrun lockless.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26686" }, { "category": "external", "summary": "RHBZ#2273109", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273109" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26686", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26686" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26686", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26686" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040335-CVE-2024-26686-b22f@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: fs/proc: do_task_stat: use sig-\u003estats_lock to gather the threads/children stats" }, { "cve": "CVE-2024-26704", "cwe": { "id": "CWE-415", "name": "Double Free" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273174" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: fix double-free of blocks due to wrong extents moved_len", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as a moderate because this issue could lead to ext4 file system crashes or undefined behavior on the system.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26704" }, { "category": "external", "summary": "RHBZ#2273174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273174" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26704", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26704" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26704", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26704" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040340-CVE-2024-26704-a082@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040340-CVE-2024-26704-a082@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ext4: fix double-free of blocks due to wrong extents moved_len" }, { "cve": "CVE-2024-26733", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273247" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: arp: Prevent overflow in arp_req_get().", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26733" }, { "category": "external", "summary": "RHBZ#2273247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26733", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26733" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040358-CVE-2024-26733-617f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040358-CVE-2024-26733-617f@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: arp: Prevent overflow in arp_req_get()." }, { "cve": "CVE-2024-26740", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273268" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: use the backlog for mirred ingress\n\nThe test Davide added in commit ca22da2fbd69 (\"act_mirred: use the backlog\nfor nested calls to mirred ingress\") hangs our testing VMs every 10 or so\nruns, with the familiar tcp_v4_rcv -\u003e tcp_v4_rcv deadlock reported by\nlockdep.\n\nThe problem as previously described by Davide (see Link) is that\nif we reverse flow of traffic with the redirect (egress -\u003e ingress)\nwe may reach the same socket which generated the packet. And we may\nstill be holding its socket lock. The common solution to such deadlocks\nis to put the packet in the Rx backlog, rather than run the Rx path\ninline. Do that for all egress -\u003e ingress reversals, not just once\nwe started to nest mirred calls.\n\nIn the past there was a concern that the backlog indirection will\nlead to loss of error reporting / less accurate stats. But the current\nworkaround does not seem to address the issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sched: act_mirred: use the backlog for mirred ingress", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26740" }, { "category": "external", "summary": "RHBZ#2273268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273268" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26740", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26740" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040300-CVE-2024-26740-4d6f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040300-CVE-2024-26740-4d6f@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/sched: act_mirred: use the backlog for mirred ingress" }, { "cve": "CVE-2024-26772", "cwe": { "id": "CWE-229", "name": "Improper Handling of Values" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273242" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26772" }, { "category": "external", "summary": "RHBZ#2273242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273242" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26772", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26772" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26772", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26772" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26772-5168@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26772-5168@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()" }, { "cve": "CVE-2024-26773", "cwe": { "id": "CWE-229", "name": "Improper Handling of Values" }, "discovery_date": "2024-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273236" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26773" }, { "category": "external", "summary": "RHBZ#2273236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273236" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26773", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26773" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26773", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26773" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26773-a314@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040308-CVE-2024-26773-a314@gregkh/T" } ], "release_date": "2024-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()" }, { "cve": "CVE-2024-26802", "discovery_date": "2024-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273427" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the `stmmac` ethernet driver of the Linux kernel, where a workqueue variable was not cleared after being destroyed. This issue could lead to kernel panics if the code later attempted to access or destroy the already-freed workqueue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: stmmac: Clear variable when destroying workqueue", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26802" }, { "category": "external", "summary": "RHBZ#2273427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273427" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26802", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26802" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26802", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26802" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040403-CVE-2024-26802-b3da@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040403-CVE-2024-26802-b3da@gregkh/T" } ], "release_date": "2024-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: stmmac: Clear variable when destroying workqueue" }, { "cve": "CVE-2024-26810", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-04-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273654" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: vfio/pci: Lock external INTx masking ops", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26810" }, { "category": "external", "summary": "RHBZ#2273654", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273654" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26810", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26810" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024040548-CVE-2024-26810-4371@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024040548-CVE-2024-26810-4371@gregkh/T" } ], "release_date": "2024-04-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: vfio/pci: Lock external INTx masking ops" }, { "cve": "CVE-2024-26837", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275580" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: switchdev: Skip MDB replays of deferred events on offload\n\nBefore this change, generation of the list of MDB events to replay\nwould race against the creation of new group memberships, either from\nthe IGMP/MLD snooping logic or from user configuration.\n\nWhile new memberships are immediately visible to walkers of\nbr-\u003emdb_list, the notification of their existence to switchdev event\nsubscribers is deferred until a later point in time. So if a replay\nlist was generated during a time that overlapped with such a window,\nit would also contain a replay of the not-yet-delivered event.\n\nThe driver would thus receive two copies of what the bridge internally\nconsidered to be one single event. On destruction of the bridge, only\na single membership deletion event was therefore sent. As a\nconsequence of this, drivers which reference count memberships (at\nleast DSA), would be left with orphan groups in their hardware\ndatabase when the bridge was destroyed.\n\nThis is only an issue when replaying additions. While deletion events\nmay still be pending on the deferred queue, they will already have\nbeen removed from br-\u003emdb_list, so no duplicates can be generated in\nthat scenario.\n\nTo a user this meant that old group memberships, from a bridge in\nwhich a port was previously attached, could be reanimated (in\nhardware) when the port joined a new bridge, without the new bridge\u0027s\nknowledge.\n\nFor example, on an mv88e6xxx system, create a snooping bridge and\nimmediately add a port to it:\n\n root@infix-06-0b-00:~$ ip link add dev br0 up type bridge mcast_snooping 1 \u0026\u0026 \\\n \u003e ip link set dev x3 up master br0\n\nAnd then destroy the bridge:\n\n root@infix-06-0b-00:~$ ip link del dev br0\n root@infix-06-0b-00:~$ mvls atu\n ADDRESS FID STATE Q F 0 1 2 3 4 5 6 7 8 9 a\n DEV:0 Marvell 88E6393X\n 33:33:00:00:00:6a 1 static - - 0 . . . . . . . . . .\n 33:33:ff:87:e4:3f 1 static - - 0 . . . . . . . . . .\n ff:ff:ff:ff:ff:ff 1 static - - 0 1 2 3 4 5 6 7 8 9 a\n root@infix-06-0b-00:~$\n\nThe two IPv6 groups remain in the hardware database because the\nport (x3) is notified of the host\u0027s membership twice: once via the\noriginal event and once via a replay. Since only a single delete\nnotification is sent, the count remains at 1 when the bridge is\ndestroyed.\n\nThen add the same port (or another port belonging to the same hardware\ndomain) to a new bridge, this time with snooping disabled:\n\n root@infix-06-0b-00:~$ ip link add dev br1 up type bridge mcast_snooping 0 \u0026\u0026 \\\n \u003e ip link set dev x3 up master br1\n\nAll multicast, including the two IPv6 groups from br0, should now be\nflooded, according to the policy of br1. But instead the old\nmemberships are still active in the hardware database, causing the\nswitch to only forward traffic to those groups towards the CPU (port\n0).\n\nEliminate the race in two steps:\n\n1. Grab the write-side lock of the MDB while generating the replay\n list.\n\nThis prevents new memberships from showing up while we are generating\nthe replay list. But it leaves the scenario in which a deferred event\nwas already generated, but not delivered, before we grabbed the\nlock. Therefore:\n\n2. Make sure that no deferred version of a replay event is already\n enqueued to the switchdev deferred queue, before adding it to the\n replay list, when replaying additions.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: bridge: switchdev: Skip MDB replays of deferred events on offload", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26837" }, { "category": "external", "summary": "RHBZ#2275580", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275580" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26837", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26837" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26837", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26837" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26837-753c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26837-753c@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: bridge: switchdev: Skip MDB replays of deferred events on offload" }, { "cve": "CVE-2024-26840", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275573" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [\u003cffffffff8eb8a1a5\u003e] kmem_cache_alloc+0x2d5/0x370\n [\u003cffffffff8e917f86\u003e] prepare_creds+0x26/0x2e0\n [\u003cffffffffc002eeef\u003e] cachefiles_determine_cache_security+0x1f/0x120\n [\u003cffffffffc00243ec\u003e] cachefiles_add_cache+0x13c/0x3a0\n [\u003cffffffffc0025216\u003e] cachefiles_daemon_write+0x146/0x1c0\n [\u003cffffffff8ebc4a3b\u003e] vfs_write+0xcb/0x520\n [\u003cffffffff8ebc5069\u003e] ksys_write+0x69/0xf0\n [\u003cffffffff8f6d4662\u003e] do_syscall_64+0x72/0x140\n [\u003cffffffff8f8000aa\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: cachefiles: fix memory leak in cachefiles_add_cache()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26840" }, { "category": "external", "summary": "RHBZ#2275573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26840", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26840" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041715-CVE-2024-26840-057d@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: cachefiles: fix memory leak in cachefiles_add_cache()" }, { "cve": "CVE-2024-26843", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275565" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: runtime: Fix potential overflow of soft-reserved region size\n\nmd_size will have been narrowed if we have \u003e= 4GB worth of pages in a\nsoft-reserved region.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: efi: runtime: Fix potential overflow of soft-reserved region size", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26843" }, { "category": "external", "summary": "RHBZ#2275565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26843", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26843" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26843", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26843" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041716-CVE-2024-26843-51a0@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041716-CVE-2024-26843-51a0@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: efi: runtime: Fix potential overflow of soft-reserved region size" }, { "cve": "CVE-2024-26852", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275761" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26852" }, { "category": "external", "summary": "RHBZ#2275761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275761" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26852", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26852", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26852" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26852-0057@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26852-0057@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()" }, { "cve": "CVE-2024-26853", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275748" } ], "notes": [ { "category": "description", "text": "A memory corruption flaw was found in the Linux kernel\u2019s Intel(R) Ethernet Controller I225-LM/I225-V driver in how a user generates a high amount of packets. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: igc: avoid returning frame twice in XDP_REDIRECT", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26853" }, { "category": "external", "summary": "RHBZ#2275748", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275748" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26853", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26853" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26853", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26853" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26853-b549@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26853-b549@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: igc: avoid returning frame twice in XDP_REDIRECT" }, { "cve": "CVE-2024-26870", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275711" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A system error can be reliably replicated with specific filesystem settings, allowing an attacker to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26870" }, { "category": "external", "summary": "RHBZ#2275711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275711" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26870", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26870" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26870", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26870" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041738-CVE-2024-26870-7aea@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102" }, { "cve": "CVE-2024-26878", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275694" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: quota: Fix potential NULL pointer dereference", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26878" }, { "category": "external", "summary": "RHBZ#2275694", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275694" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26878", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26878" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041740-CVE-2024-26878-5748@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041740-CVE-2024-26878-5748@gregkh/T" } ], "release_date": "2024-04-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: quota: Fix potential NULL pointer dereference" }, { "cve": "CVE-2024-26921", "cwe": { "id": "CWE-124", "name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)" }, "discovery_date": "2024-04-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275928" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: inet: inet_defrag: prevent sk release while still in use", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26921" }, { "category": "external", "summary": "RHBZ#2275928", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275928" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26921", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26921" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26921", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26921" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024041819-CVE-2024-26921-e3b3@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024041819-CVE-2024-26921-e3b3@gregkh/T" } ], "release_date": "2024-04-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: inet: inet_defrag: prevent sk release while still in use" }, { "cve": "CVE-2024-26925", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2024-04-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2277166" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: release mutex after nft_gc_seq_end from abort path\n\nThe commit mutex should not be released during the critical section\nbetween nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC\nworker could collect expired objects and get the released commit lock\nwithin the same GC sequence.\n\nnf_tables_module_autoload() temporarily releases the mutex to load\nmodule dependencies, then it goes back to replay the transaction again.\nMove it at the end of the abort phase after nft_gc_seq_end() is called.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26925" }, { "category": "external", "summary": "RHBZ#2277166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26925", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26925" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26925", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26925" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024042421-CVE-2024-26925-7c19@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024042421-CVE-2024-26925-7c19@gregkh/T" } ], "release_date": "2024-04-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path" }, { "cve": "CVE-2024-26940", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278218" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed\n\nThe driver creates /sys/kernel/debug/dri/0/mob_ttm even when the\ncorresponding ttm_resource_manager is not allocated.\nThis leads to a crash when trying to read from this file.\n\nAdd a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file\nonly when the corresponding ttm_resource_manager is allocated.\n\ncrash\u003e bt\nPID: 3133409 TASK: ffff8fe4834a5000 CPU: 3 COMMAND: \"grep\"\n #0 [ffffb954506b3b20] machine_kexec at ffffffffb2a6bec3\n #1 [ffffb954506b3b78] __crash_kexec at ffffffffb2bb598a\n #2 [ffffb954506b3c38] crash_kexec at ffffffffb2bb68c1\n #3 [ffffb954506b3c50] oops_end at ffffffffb2a2a9b1\n #4 [ffffb954506b3c70] no_context at ffffffffb2a7e913\n #5 [ffffb954506b3cc8] __bad_area_nosemaphore at ffffffffb2a7ec8c\n #6 [ffffb954506b3d10] do_page_fault at ffffffffb2a7f887\n #7 [ffffb954506b3d40] page_fault at ffffffffb360116e\n [exception RIP: ttm_resource_manager_debug+0x11]\n RIP: ffffffffc04afd11 RSP: ffffb954506b3df0 RFLAGS: 00010246\n RAX: ffff8fe41a6d1200 RBX: 0000000000000000 RCX: 0000000000000940\n RDX: 0000000000000000 RSI: ffffffffc04b4338 RDI: 0000000000000000\n RBP: ffffb954506b3e08 R8: ffff8fee3ffad000 R9: 0000000000000000\n R10: ffff8fe41a76a000 R11: 0000000000000001 R12: 00000000ffffffff\n R13: 0000000000000001 R14: ffff8fe5bb6f3900 R15: ffff8fe41a6d1200\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #8 [ffffb954506b3e00] ttm_resource_manager_show at ffffffffc04afde7 [ttm]\n #9 [ffffb954506b3e30] seq_read at ffffffffb2d8f9f3\n RIP: 00007f4c4eda8985 RSP: 00007ffdbba9e9f8 RFLAGS: 00000246\n RAX: ffffffffffffffda RBX: 000000000037e000 RCX: 00007f4c4eda8985\n RDX: 000000000037e000 RSI: 00007f4c41573000 RDI: 0000000000000003\n RBP: 000000000037e000 R8: 0000000000000000 R9: 000000000037fe30\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4c41573000\n R13: 0000000000000003 R14: 00007f4c41572010 R15: 0000000000000003\n ORIG_RAX: 0000000000000000 CS: 0033 SS: 002b", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26940" }, { "category": "external", "summary": "RHBZ#2278218", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278218" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26940", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26940" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26940", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26940" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26940-1785@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050125-CVE-2024-26940-1785@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed" }, { "cve": "CVE-2024-26958", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278182" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfs: fix UAF in direct writes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26958" }, { "category": "external", "summary": "RHBZ#2278182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278182" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26958", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26958" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26958", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26958" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26958-6c15@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26958-6c15@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: nfs: fix UAF in direct writes" }, { "cve": "CVE-2024-26960", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278178" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix race between free_swap_and_cache() and swapoff()\n\nThere was previously a theoretical window where swapoff() could run and\nteardown a swap_info_struct while a call to free_swap_and_cache() was\nrunning in another thread. This could cause, amongst other bad\npossibilities, swap_page_trans_huge_swapped() (called by\nfree_swap_and_cache()) to access the freed memory for swap_map.\n\nThis is a theoretical problem and I haven\u0027t been able to provoke it from a\ntest case. But there has been agreement based on code review that this is\npossible (see link below).\n\nFix it by using get_swap_device()/put_swap_device(), which will stall\nswapoff(). There was an extra check in _swap_info_get() to confirm that\nthe swap entry was not free. This isn\u0027t present in get_swap_device()\nbecause it doesn\u0027t make sense in general due to the race between getting\nthe reference and swapoff. So I\u0027ve added an equivalent check directly in\nfree_swap_and_cache().\n\nDetails of how to provoke one possible issue (thanks to David Hildenbrand\nfor deriving this):\n\n--8\u003c-----\n\n__swap_entry_free() might be the last user and result in\n\"count == SWAP_HAS_CACHE\".\n\nswapoff-\u003etry_to_unuse() will stop as soon as soon as si-\u003einuse_pages==0.\n\nSo the question is: could someone reclaim the folio and turn\nsi-\u003einuse_pages==0, before we completed swap_page_trans_huge_swapped().\n\nImagine the following: 2 MiB folio in the swapcache. Only 2 subpages are\nstill references by swap entries.\n\nProcess 1 still references subpage 0 via swap entry.\nProcess 2 still references subpage 1 via swap entry.\n\nProcess 1 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n[then, preempted in the hypervisor etc.]\n\nProcess 2 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n\nProcess 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls\n__try_to_reclaim_swap().\n\n__try_to_reclaim_swap()-\u003efolio_free_swap()-\u003edelete_from_swap_cache()-\u003e\nput_swap_folio()-\u003efree_swap_slot()-\u003eswapcache_free_entries()-\u003e\nswap_entry_free()-\u003eswap_range_free()-\u003e\n...\nWRITE_ONCE(si-\u003einuse_pages, si-\u003einuse_pages - nr_entries);\n\nWhat stops swapoff to succeed after process 2 reclaimed the swap cache\nbut before process1 finished its call to swap_page_trans_huge_swapped()?\n\n--8\u003c-----", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mm: swap: fix race between free_swap_and_cache() and swapoff()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26960" }, { "category": "external", "summary": "RHBZ#2278178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278178" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26960", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26960" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26960", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26960" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26960-ad6b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26960-ad6b@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: mm: swap: fix race between free_swap_and_cache() and swapoff()" }, { "cve": "CVE-2024-26961", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278176" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: fix llsec key resources release in mac802154_llsec_key_del\n\nmac802154_llsec_key_del() can free resources of a key directly without\nfollowing the RCU rules for waiting before the end of a grace period. This\nmay lead to use-after-free in case llsec_lookup_key() is traversing the\nlist of keys in parallel with a key deletion:\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 4 PID: 16000 at lib/refcount.c:25 refcount_warn_saturate+0x162/0x2a0\nModules linked in:\nCPU: 4 PID: 16000 Comm: wpan-ping Not tainted 6.7.0 #19\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x162/0x2a0\nCall Trace:\n \u003cTASK\u003e\n llsec_lookup_key.isra.0+0x890/0x9e0\n mac802154_llsec_encrypt+0x30c/0x9c0\n ieee802154_subif_start_xmit+0x24/0x1e0\n dev_hard_start_xmit+0x13e/0x690\n sch_direct_xmit+0x2ae/0xbc0\n __dev_queue_xmit+0x11dd/0x3c20\n dgram_sendmsg+0x90b/0xd60\n __sys_sendto+0x466/0x4c0\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x45/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nAlso, ieee802154_llsec_key_entry structures are not freed by\nmac802154_llsec_key_del():\n\nunreferenced object 0xffff8880613b6980 (size 64):\n comm \"iwpan\", pid 2176, jiffies 4294761134 (age 60.475s)\n hex dump (first 32 bytes):\n 78 0d 8f 18 80 88 ff ff 22 01 00 00 00 00 ad de x.......\".......\n 00 00 00 00 00 00 00 00 03 00 cd ab 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81dcfa62\u003e] __kmem_cache_alloc_node+0x1e2/0x2d0\n [\u003cffffffff81c43865\u003e] kmalloc_trace+0x25/0xc0\n [\u003cffffffff88968b09\u003e] mac802154_llsec_key_add+0xac9/0xcf0\n [\u003cffffffff8896e41a\u003e] ieee802154_add_llsec_key+0x5a/0x80\n [\u003cffffffff8892adc6\u003e] nl802154_add_llsec_key+0x426/0x5b0\n [\u003cffffffff86ff293e\u003e] genl_family_rcv_msg_doit+0x1fe/0x2f0\n [\u003cffffffff86ff46d1\u003e] genl_rcv_msg+0x531/0x7d0\n [\u003cffffffff86fee7a9\u003e] netlink_rcv_skb+0x169/0x440\n [\u003cffffffff86ff1d88\u003e] genl_rcv+0x28/0x40\n [\u003cffffffff86fec15c\u003e] netlink_unicast+0x53c/0x820\n [\u003cffffffff86fecd8b\u003e] netlink_sendmsg+0x93b/0xe60\n [\u003cffffffff86b91b35\u003e] ____sys_sendmsg+0xac5/0xca0\n [\u003cffffffff86b9c3dd\u003e] ___sys_sendmsg+0x11d/0x1c0\n [\u003cffffffff86b9c65a\u003e] __sys_sendmsg+0xfa/0x1d0\n [\u003cffffffff88eadbf5\u003e] do_syscall_64+0x45/0xf0\n [\u003cffffffff890000ea\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nHandle the proper resource release in the RCU callback function\nmac802154_llsec_key_del_rcu().\n\nNote that if llsec_lookup_key() finds a key, it gets a refcount via\nllsec_key_get() and locally copies key id from key_entry (which is a\nlist element). So it\u0027s safe to call llsec_key_put() and free the list\nentry after the RCU grace period elapses.\n\nFound by Linux Verification Center (linuxtesting.org).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26961" }, { "category": "external", "summary": "RHBZ#2278176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26961", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26961" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26961", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26961" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050129-CVE-2024-26961-408d@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mac802154: fix llsec key resources release in mac802154_llsec_key_del" }, { "cve": "CVE-2024-27010", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278279" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix mirred deadlock on device recursion\n\nWhen the mirred action is used on a classful egress qdisc and a packet is\nmirrored or redirected to self we hit a qdisc lock deadlock.\nSee trace below.\n\n[..... other info removed for brevity....]\n[ 82.890906]\n[ 82.890906] ============================================\n[ 82.890906] WARNING: possible recursive locking detected\n[ 82.890906] 6.8.0-05205-g77fadd89fe2d-dirty #213 Tainted: G W\n[ 82.890906] --------------------------------------------\n[ 82.890906] ping/418 is trying to acquire lock:\n[ 82.890906] ffff888006994110 (\u0026sch-\u003eq.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] but task is already holding lock:\n[ 82.890906] ffff888006994110 (\u0026sch-\u003eq.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] other info that might help us debug this:\n[ 82.890906] Possible unsafe locking scenario:\n[ 82.890906]\n[ 82.890906] CPU0\n[ 82.890906] ----\n[ 82.890906] lock(\u0026sch-\u003eq.lock);\n[ 82.890906] lock(\u0026sch-\u003eq.lock);\n[ 82.890906]\n[ 82.890906] *** DEADLOCK ***\n[ 82.890906]\n[..... other info removed for brevity....]\n\nExample setup (eth0-\u003eeth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nAnother example(eth0-\u003eeth1-\u003eeth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth1\n\ntc qdisc add dev eth1 root handle 1: htb default 30\ntc filter add dev eth1 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nWe fix this by adding an owner field (CPU id) to struct Qdisc set after\nroot qdisc is entered. When the softirq enters it a second time, if the\nqdisc owner is the same CPU, the packet is dropped to break the loop.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sched: Fix mirred deadlock on device recursion", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27010" }, { "category": "external", "summary": "RHBZ#2278279", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278279" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27010", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27010" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27010", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27010" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27010-5a68@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net/sched: Fix mirred deadlock on device recursion" }, { "cve": "CVE-2024-27011", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278277" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix memleak in map from abort path\n\nThe delete set command does not rely on the transaction object for\nelement removal, therefore, a combination of delete element + delete set\nfrom the abort path could result in restoring twice the refcount of the\nmapping.\n\nCheck for inactive element in the next generation for the delete element\ncommand in the abort path, skip restoring state if next generation bit\nhas been already cleared. This is similar to the activate logic using\nthe set walk iterator.\n\n[ 6170.286929] ------------[ cut here ]------------\n[ 6170.286939] WARNING: CPU: 6 PID: 790302 at net/netfilter/nf_tables_api.c:2086 nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.287071] Modules linked in: [...]\n[ 6170.287633] CPU: 6 PID: 790302 Comm: kworker/6:2 Not tainted 6.9.0-rc3+ #365\n[ 6170.287768] RIP: 0010:nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.287886] Code: df 48 8d 7d 58 e8 69 2e 3b df 48 8b 7d 58 e8 80 1b 37 df 48 8d 7d 68 e8 57 2e 3b df 48 8b 7d 68 e8 6e 1b 37 df 48 89 ef eb c4 \u003c0f\u003e 0b 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 0f\n[ 6170.287895] RSP: 0018:ffff888134b8fd08 EFLAGS: 00010202\n[ 6170.287904] RAX: 0000000000000001 RBX: ffff888125bffb28 RCX: dffffc0000000000\n[ 6170.287912] RDX: 0000000000000003 RSI: ffffffffa20298ab RDI: ffff88811ebe4750\n[ 6170.287919] RBP: ffff88811ebe4700 R08: ffff88838e812650 R09: fffffbfff0623a55\n[ 6170.287926] R10: ffffffff8311d2af R11: 0000000000000001 R12: ffff888125bffb10\n[ 6170.287933] R13: ffff888125bffb10 R14: dead000000000122 R15: dead000000000100\n[ 6170.287940] FS: 0000000000000000(0000) GS:ffff888390b00000(0000) knlGS:0000000000000000\n[ 6170.287948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6170.287955] CR2: 00007fd31fc00710 CR3: 0000000133f60004 CR4: 00000000001706f0\n[ 6170.287962] Call Trace:\n[ 6170.287967] \u003cTASK\u003e\n[ 6170.287973] ? __warn+0x9f/0x1a0\n[ 6170.287986] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288092] ? report_bug+0x1b1/0x1e0\n[ 6170.287986] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288092] ? report_bug+0x1b1/0x1e0\n[ 6170.288104] ? handle_bug+0x3c/0x70\n[ 6170.288112] ? exc_invalid_op+0x17/0x40\n[ 6170.288120] ? asm_exc_invalid_op+0x1a/0x20\n[ 6170.288132] ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables]\n[ 6170.288243] ? nf_tables_chain_destroy+0x1f7/0x220 [nf_tables]\n[ 6170.288366] ? nf_tables_chain_destroy+0x2b/0x220 [nf_tables]\n[ 6170.288483] nf_tables_trans_destroy_work+0x588/0x590 [nf_tables]", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: fix memleak in map from abort path", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27011" }, { "category": "external", "summary": "RHBZ#2278277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278277" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27011", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27011" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27011", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27011" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050148-CVE-2024-27011-2c70@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: netfilter: nf_tables: fix memleak in map from abort path" }, { "cve": "CVE-2024-27019", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278258" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()\n\nnft_unregister_obj() can concurrent with __nft_obj_type_get(),\nand there is not any protection when iterate over nf_tables_objects\nlist in __nft_obj_type_get(). Therefore, there is potential data-race\nof nf_tables_objects list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_objects\nlist in __nft_obj_type_get(), and use rcu_read_lock() in the caller\nnft_obj_type_get() to protect the entire type query process.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27019" }, { "category": "external", "summary": "RHBZ#2278258", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278258" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27019", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27019" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27019", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27019" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27019-e3d4@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27019-e3d4@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()" }, { "cve": "CVE-2024-27020", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278256" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()\n\nnft_unregister_expr() can concurrent with __nft_expr_type_get(),\nand there is not any protection when iterate over nf_tables_expressions\nlist in __nft_expr_type_get(). Therefore, there is potential data-race\nof nf_tables_expressions list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_expressions\nlist in __nft_expr_type_get(), and use rcu_read_lock() in the caller\nnft_expr_type_get() to protect the entire type query process.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27020" }, { "category": "external", "summary": "RHBZ#2278256", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278256" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27020", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27020" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27020", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27020" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27020-5158@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050150-CVE-2024-27020-5158@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()" }, { "cve": "CVE-2024-27025", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278484" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: null check for nla_nest_start\n\nnla_nest_start() may fail and return NULL. Insert a check and set errno\nbased on other call sites within the same source code.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nbd: null check for nla_nest_start", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27025" }, { "category": "external", "summary": "RHBZ#2278484", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278484" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27025", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27025" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27025", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27025" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050107-CVE-2024-27025-babd@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: nbd: null check for nla_nest_start" }, { "cve": "CVE-2024-27065", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278380" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not compare internal table flags on updates\n\nRestore skipping transaction if table update does not modify flags.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: do not compare internal table flags on updates", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27065" }, { "category": "external", "summary": "RHBZ#2278380", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278380" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27065", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27065" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27065-8c9d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27065-8c9d@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: netfilter: nf_tables: do not compare internal table flags on updates" }, { "cve": "CVE-2024-27388", "discovery_date": "2024-05-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278535" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SUNRPC: fix some memleaks in gssx_dec_option_array", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27388" }, { "category": "external", "summary": "RHBZ#2278535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278535" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27388", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27388" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27388-04eb@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050135-CVE-2024-27388-04eb@gregkh/T" } ], "release_date": "2024-05-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: SUNRPC: fix some memleaks in gssx_dec_option_array" }, { "cve": "CVE-2024-27395", "discovery_date": "2024-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280440" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: openvswitch: Fix Use-After-Free in ovs_ct_exit", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27395" }, { "category": "external", "summary": "RHBZ#2280440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280440" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27395", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27395" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27395", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27395" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27395-573e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024050836-CVE-2024-27395-573e@gregkh/T" } ], "release_date": "2024-05-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net: openvswitch: Fix Use-After-Free in ovs_ct_exit" }, { "cve": "CVE-2024-27434", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281133" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t set the MFP flag for the GTK\n\nThe firmware doesn\u0027t need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: mvm: don\u0026#39;t set the MFP flag for the GTK", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-27434" }, { "category": "external", "summary": "RHBZ#2281133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27434", "url": "https://www.cve.org/CVERecord?id=CVE-2024-27434" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27434", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27434" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-27434-ac61@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051756-CVE-2024-27434-ac61@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: iwlwifi: mvm: don\u0026#39;t set the MFP flag for the GTK" }, { "cve": "CVE-2024-31076", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293684" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd-\u003emove_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU\u0027s vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd-\u003eprev_vector because the interrupt isn\u0027t currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn\u0027t reclaim apicd-\u003eprev_vector; instead, it simply resets both\napicd-\u003emove_in_progress and apicd-\u003eprev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd-\u003eprev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd-\u003emove_in_progress with apicd-\u003eprev_cpu pointing to an offline CPU.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-31076" }, { "category": "external", "summary": "RHBZ#2293684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293684" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-31076", "url": "https://www.cve.org/CVERecord?id=CVE-2024-31076" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31076", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31076" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline" }, { "cve": "CVE-2024-33621", "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293657" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Dont Use skb-\u003esk in ipvlan_process_v{4,6}_outbound\n\nRaw packet from PF_PACKET socket ontop of an IPv6-backed ipvlan device will\nhit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path.\n\nWARNING: CPU: 2 PID: 0 at net/core/sock.c:775 sk_mc_loop+0x2d/0x70\nModules linked in: sch_netem ipvlan rfkill cirrus drm_shmem_helper sg drm_kms_helper\nCPU: 2 PID: 0 Comm: swapper/2 Kdump: loaded Not tainted 6.9.0+ #279\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:sk_mc_loop+0x2d/0x70\nCode: fa 0f 1f 44 00 00 65 0f b7 15 f7 96 a3 4f 31 c0 66 85 d2 75 26 48 85 ff 74 1c\nRSP: 0018:ffffa9584015cd78 EFLAGS: 00010212\nRAX: 0000000000000011 RBX: ffff91e585793e00 RCX: 0000000002c6a001\nRDX: 0000000000000000 RSI: 0000000000000040 RDI: ffff91e589c0f000\nRBP: ffff91e5855bd100 R08: 0000000000000000 R09: 3d00545216f43d00\nR10: ffff91e584fdcc50 R11: 00000060dd8616f4 R12: ffff91e58132d000\nR13: ffff91e584fdcc68 R14: ffff91e5869ce800 R15: ffff91e589c0f000\nFS: 0000000000000000(0000) GS:ffff91e898100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f788f7c44c0 CR3: 0000000008e1a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cIRQ\u003e\n ? __warn (kernel/panic.c:693)\n ? sk_mc_loop (net/core/sock.c:760)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:239)\n ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? sk_mc_loop (net/core/sock.c:760)\n ip6_finish_output2 (net/ipv6/ip6_output.c:83 (discriminator 1))\n ? nf_hook_slow (net/netfilter/core.c:626)\n ip6_finish_output (net/ipv6/ip6_output.c:222)\n ? __pfx_ip6_finish_output (net/ipv6/ip6_output.c:215)\n ipvlan_xmit_mode_l3 (drivers/net/ipvlan/ipvlan_core.c:602) ipvlan\n ipvlan_start_xmit (drivers/net/ipvlan/ipvlan_main.c:226) ipvlan\n dev_hard_start_xmit (net/core/dev.c:3594)\n sch_direct_xmit (net/sched/sch_generic.c:343)\n __qdisc_run (net/sched/sch_generic.c:416)\n net_tx_action (net/core/dev.c:5286)\n handle_softirqs (kernel/softirq.c:555)\n __irq_exit_rcu (kernel/softirq.c:589)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1043)\n\nThe warning triggers as this:\npacket_sendmsg\n packet_snd //skb-\u003esk is packet sk\n __dev_queue_xmit\n __dev_xmit_skb //q-\u003eenqueue is not NULL\n __qdisc_run\n sch_direct_xmit\n dev_hard_start_xmit\n ipvlan_start_xmit\n ipvlan_xmit_mode_l3 //l3 mode\n ipvlan_process_outbound //vepa flag\n ipvlan_process_v6_outbound\n ip6_local_out\n __ip6_finish_output\n ip6_finish_output2 //multicast packet\n sk_mc_loop //sk-\u003esk_family is AF_PACKET\n\nCall ip{6}_local_out() with NULL sk in ipvlan as other tunnels to fix this.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipvlan: Dont Use skb-\u0026gt;sk in ipvlan_process_v{4,6}_outbound", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-33621" }, { "category": "external", "summary": "RHBZ#2293657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293657" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-33621", "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33621", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33621" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-33621-d3a6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-33621-d3a6@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ipvlan: Dont Use skb-\u0026gt;sk in ipvlan_process_v{4,6}_outbound" }, { "cve": "CVE-2024-35790", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281054" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: create sysfs nodes as driver\u0027s default device attribute group\n\nThe DisplayPort driver\u0027s sysfs nodes may be present to the userspace before\ntypec_altmode_set_drvdata() completes in dp_altmode_probe. This means that\na sysfs read can trigger a NULL pointer error by deferencing dp-\u003ehpd in\nhpd_show or dp-\u003elock in pin_assignment_show, as dev_get_drvdata() returns\nNULL in those cases.\n\nRemove manual sysfs node creation in favor of adding attribute group as\ndefault for devices bound to the driver. The ATTRIBUTE_GROUPS() macro is\nnot used here otherwise the path to the sysfs nodes is no longer compliant\nwith the ABI.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver\u0026#39;s default device attribute group", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35790" }, { "category": "external", "summary": "RHBZ#2281054", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281054" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35790", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35790" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051708-CVE-2024-35790-6a80@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051708-CVE-2024-35790-6a80@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver\u0026#39;s default device attribute group" }, { "cve": "CVE-2024-35801", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281235" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Keep xfd_state in sync with MSR_IA32_XFD\n\nCommit 672365477ae8 (\"x86/fpu: Update XFD state where required\") and\ncommit 8bf26758ca96 (\"x86/fpu: Add XFD state to fpstate\") introduced a\nper CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in\norder to avoid unnecessary writes to the MSR.\n\nOn CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which\nwipes out any stale state. But the per CPU cached xfd value is not\nreset, which brings them out of sync.\n\nAs a consequence a subsequent xfd_update_state() might fail to update\nthe MSR which in turn can result in XRSTOR raising a #NM in kernel\nspace, which crashes the kernel.\n\nTo fix this, introduce xfd_set_state() to write xfd_state together\nwith MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35801" }, { "category": "external", "summary": "RHBZ#2281235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281235" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35801", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35801" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35801", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35801" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD" }, { "cve": "CVE-2024-35807", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281221" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix corruption during on-line resize\n\nWe observed a corruption during on-line resize of a file system that is\nlarger than 16 TiB with 4k block size. With having more then 2^32 blocks\nresize_inode is turned off by default by mke2fs. The issue can be\nreproduced on a smaller file system for convenience by explicitly\nturning off resize_inode. An on-line resize across an 8 GiB boundary (the\nsize of a meta block group in this setup) then leads to a corruption:\n\n dev=/dev/\u003csome_dev\u003e # should be \u003e= 16 GiB\n mkdir -p /corruption\n /sbin/mke2fs -t ext4 -b 4096 -O ^resize_inode $dev $((2 * 2**21 - 2**15))\n mount -t ext4 $dev /corruption\n\n dd if=/dev/zero bs=4096 of=/corruption/test count=$((2*2**21 - 4*2**15))\n sha1sum /corruption/test\n # 79d2658b39dcfd77274e435b0934028adafaab11 /corruption/test\n\n /sbin/resize2fs $dev $((2*2**21))\n # drop page cache to force reload the block from disk\n echo 1 \u003e /proc/sys/vm/drop_caches\n\n sha1sum /corruption/test\n # 3c2abc63cbf1a94c9e6977e0fbd72cd832c4d5c3 /corruption/test\n\n2^21 = 2^15*2^6 equals 8 GiB whereof 2^15 is the number of blocks per\nblock group and 2^6 are the number of block groups that make a meta\nblock group.\n\nThe last checksum might be different depending on how the file is laid\nout across the physical blocks. The actual corruption occurs at physical\nblock 63*2^15 = 2064384 which would be the location of the backup of the\nmeta block group\u0027s block descriptor. During the on-line resize the file\nsystem will be converted to meta_bg starting at s_first_meta_bg which is\n2 in the example - meaning all block groups after 16 GiB. However, in\next4_flex_group_add we might add block groups that are not part of the\nfirst meta block group yet. In the reproducer we achieved this by\nsubstracting the size of a whole block group from the point where the\nmeta block group would start. This must be considered when updating the\nbackup block group descriptors to follow the non-meta_bg layout. The fix\nis to add a test whether the group to add is already part of the meta\nblock group or not.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: fix corruption during on-line resize", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35807" }, { "category": "external", "summary": "RHBZ#2281221", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281221" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35807", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35807" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35807-2a9e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051740-CVE-2024-35807-2a9e@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ext4: fix corruption during on-line resize" }, { "cve": "CVE-2024-35810", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281215" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix the lifetime of the bo cursor memory\n\nThe cleanup can be dispatched while the atomic update is still active,\nwhich means that the memory acquired in the atomic update needs to\nnot be invalidated by the cleanup. The buffer objects in vmw_plane_state\ninstead of using the builtin map_and_cache were trying to handle\nthe lifetime of the mapped memory themselves, leading to crashes.\n\nUse the map_and_cache instead of trying to manage the lifetime of the\nbuffer objects held by the vmw_plane_state.\n\nFixes kernel oops\u0027es in IGT\u0027s kms_cursor_legacy forked-bo.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35810" }, { "category": "external", "summary": "RHBZ#2281215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35810", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35810" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35810-1b33@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35810-1b33@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/vmwgfx: Fix the lifetime of the bo cursor memory" }, { "cve": "CVE-2024-35814", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281207" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: Fix double-allocation of slots due to broken alignment handling\n\nCommit bbb73a103fbb (\"swiotlb: fix a braino in the alignment check fix\"),\nwhich was a fix for commit 0eee5ae10256 (\"swiotlb: fix slot alignment\nchecks\"), causes a functional regression with vsock in a virtual machine\nusing bouncing via a restricted DMA SWIOTLB pool.\n\nWhen virtio allocates the virtqueues for the vsock device using\ndma_alloc_coherent(), the SWIOTLB search can return page-unaligned\nallocations if \u0027area-\u003eindex\u0027 was left unaligned by a previous allocation\nfrom the buffer:\n\n # Final address in brackets is the SWIOTLB address returned to the caller\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1645-1649/7168 (0x98326800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1649-1653/7168 (0x98328800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1653-1657/7168 (0x9832a800)\n\nThis ends badly (typically buffer corruption and/or a hang) because\nswiotlb_alloc() is expecting a page-aligned allocation and so blindly\nreturns a pointer to the \u0027struct page\u0027 corresponding to the allocation,\ntherefore double-allocating the first half (2KiB slot) of the 4KiB page.\n\nFix the problem by treating the allocation alignment separately to any\nadditional alignment requirements from the device, using the maximum\nof the two as the stride to search the buffer slots and taking care\nto ensure a minimum of page-alignment for buffers larger than a page.\n\nThis also resolves swiotlb allocation failures occuring due to the\ninclusion of ~PAGE_MASK in \u0027iotlb_align_mask\u0027 for large allocations and\nresulting in alignment requirements exceeding swiotlb_max_mapping_size().", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35814" }, { "category": "external", "summary": "RHBZ#2281207", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281207" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35814", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35814" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35814", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35814" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051742-CVE-2024-35814-98c7@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051742-CVE-2024-35814-98c7@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling" }, { "cve": "CVE-2024-35847", "discovery_date": "2024-05-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281268" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Prevent double free on error\n\nThe error handling path in its_vpe_irq_domain_alloc() causes a double free\nwhen its_vpe_init() fails after successfully allocating at least one\ninterrupt. This happens because its_vpe_irq_domain_free() frees the\ninterrupts along with the area bitmap and the vprop_page and\nits_vpe_irq_domain_alloc() subsequently frees the area bitmap and the\nvprop_page again.\n\nFix this by unconditionally invoking its_vpe_irq_domain_free() which\nhandles all cases correctly and by removing the bitmap/vprop_page freeing\nfrom its_vpe_irq_domain_alloc().\n\n[ tglx: Massaged change log ]", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: irqchip/gic-v3-its: Prevent double free on error", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35847" }, { "category": "external", "summary": "RHBZ#2281268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281268" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35847", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35847" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35847", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35847" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35847-7e4b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35847-7e4b@gregkh/T" } ], "release_date": "2024-05-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: irqchip/gic-v3-its: Prevent double free on error" }, { "cve": "CVE-2024-35876", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281725" } ], "notes": [ { "category": "description", "text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35876" }, { "category": "external", "summary": "RHBZ#2281725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281725" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35876", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35876" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35876", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35876" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051943-CVE-2024-35876-d9b5@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051943-CVE-2024-35876-d9b5@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()" }, { "cve": "CVE-2024-35893", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281682" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: prevent kernel-infoleak\n\nsyzbot found that tcf_skbmod_dump() was copying four bytes\nfrom kernel stack to user space [1].\n\nThe issue here is that \u0027struct tc_skbmod\u0027 has a four bytes hole.\n\nWe need to clear the structure before filling fields.\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n copy_to_iter include/linux/uio.h:196 [inline]\n simple_copy_to_iter net/core/datagram.c:532 [inline]\n __skb_datagram_iter+0x185/0x1000 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:4050 [inline]\n netlink_recvmsg+0x432/0x1610 net/netlink/af_netlink.c:1962\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x2c4/0x340 net/socket.c:1068\n __sys_recvfrom+0x35a/0x5f0 net/socket.c:2242\n __do_sys_recvfrom net/socket.c:2260 [inline]\n __se_sys_recvfrom net/socket.c:2256 [inline]\n __x64_sys_recvfrom+0x126/0x1d0 net/socket.c:2256\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n pskb_expand_head+0x30f/0x19d0 net/core/skbuff.c:2253\n netlink_trim+0x2c2/0x330 net/netlink/af_netlink.c:1317\n netlink_unicast+0x9f/0x1260 net/netlink/af_netlink.c:1351\n nlmsg_unicast include/net/netlink.h:1144 [inline]\n nlmsg_notify+0x21d/0x2f0 net/netlink/af_netlink.c:2610\n rtnetlink_send+0x73/0x90 net/core/rtnetlink.c:741\n rtnetlink_maybe_send include/linux/rtnetlink.h:17 [inline]\n tcf_add_notify net/sched/act_api.c:2048 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x146e/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2559\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6613\n netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]\n netlink_unicast+0xf4c/0x1260 net/netlink/af_netlink.c:1361\n netlink_sendmsg+0x10df/0x11f0 net/netlink/af_netlink.c:1905\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n __nla_put lib/nlattr.c:1041 [inline]\n nla_put+0x1c6/0x230 lib/nlattr.c:1099\n tcf_skbmod_dump+0x23f/0xc20 net/sched/act_skbmod.c:256\n tcf_action_dump_old net/sched/act_api.c:1191 [inline]\n tcf_action_dump_1+0x85e/0x970 net/sched/act_api.c:1227\n tcf_action_dump+0x1fd/0x460 net/sched/act_api.c:1251\n tca_get_fill+0x519/0x7a0 net/sched/act_api.c:1628\n tcf_add_notify_msg net/sched/act_api.c:2023 [inline]\n tcf_add_notify net/sched/act_api.c:2042 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x1365/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netli\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sched: act_skbmod: prevent kernel-infoleak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35893" }, { "category": "external", "summary": "RHBZ#2281682", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281682" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35893", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35893" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051949-CVE-2024-35893-5132@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051949-CVE-2024-35893-5132@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: net/sched: act_skbmod: prevent kernel-infoleak" }, { "cve": "CVE-2024-35896", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281675" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003c/TASK\u003e\n\nAllocated by task 7238:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:4069 [inline]\n __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n kmalloc_noprof include/linux/slab.h:664 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: validate user input for expected length", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35896" }, { "category": "external", "summary": "RHBZ#2281675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281675" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35896", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35896" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051950-CVE-2024-35896-e6b5@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051950-CVE-2024-35896-e6b5@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: validate user input for expected length" }, { "cve": "CVE-2024-35897", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281672" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35897" }, { "category": "external", "summary": "RHBZ#2281672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281672" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35897", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35897" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35897", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35897" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion" }, { "cve": "CVE-2024-35899", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281667" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: flush pending destroy work before exit_net release\n\nSimilar to 2c9f0293280e (\"netfilter: nf_tables: flush pending destroy\nwork before netlink notifier\") to address a race between exit_net and\nthe destroy workqueue.\n\nThe trace below shows an element to be released via destroy workqueue\nwhile exit_net path (triggered via module removal) has already released\nthe set that is used in such transaction.\n\n[ 1360.547789] BUG: KASAN: slab-use-after-free in nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.547861] Read of size 8 at addr ffff888140500cc0 by task kworker/4:1/152465\n[ 1360.547870] CPU: 4 PID: 152465 Comm: kworker/4:1 Not tainted 6.8.0+ #359\n[ 1360.547882] Workqueue: events nf_tables_trans_destroy_work [nf_tables]\n[ 1360.547984] Call Trace:\n[ 1360.547991] \u003cTASK\u003e\n[ 1360.547998] dump_stack_lvl+0x53/0x70\n[ 1360.548014] print_report+0xc4/0x610\n[ 1360.548026] ? __virt_addr_valid+0xba/0x160\n[ 1360.548040] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ 1360.548054] ? nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.548176] kasan_report+0xae/0xe0\n[ 1360.548189] ? nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.548312] nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.548447] ? __pfx_nf_tables_trans_destroy_work+0x10/0x10 [nf_tables]\n[ 1360.548577] ? _raw_spin_unlock_irq+0x18/0x30\n[ 1360.548591] process_one_work+0x2f1/0x670\n[ 1360.548610] worker_thread+0x4d3/0x760\n[ 1360.548627] ? __pfx_worker_thread+0x10/0x10\n[ 1360.548640] kthread+0x16b/0x1b0\n[ 1360.548653] ? __pfx_kthread+0x10/0x10\n[ 1360.548665] ret_from_fork+0x2f/0x50\n[ 1360.548679] ? __pfx_kthread+0x10/0x10\n[ 1360.548690] ret_from_fork_asm+0x1a/0x30\n[ 1360.548707] \u003c/TASK\u003e\n\n[ 1360.548719] Allocated by task 192061:\n[ 1360.548726] kasan_save_stack+0x20/0x40\n[ 1360.548739] kasan_save_track+0x14/0x30\n[ 1360.548750] __kasan_kmalloc+0x8f/0xa0\n[ 1360.548760] __kmalloc_node+0x1f1/0x450\n[ 1360.548771] nf_tables_newset+0x10c7/0x1b50 [nf_tables]\n[ 1360.548883] nfnetlink_rcv_batch+0xbc4/0xdc0 [nfnetlink]\n[ 1360.548909] nfnetlink_rcv+0x1a8/0x1e0 [nfnetlink]\n[ 1360.548927] netlink_unicast+0x367/0x4f0\n[ 1360.548935] netlink_sendmsg+0x34b/0x610\n[ 1360.548944] ____sys_sendmsg+0x4d4/0x510\n[ 1360.548953] ___sys_sendmsg+0xc9/0x120\n[ 1360.548961] __sys_sendmsg+0xbe/0x140\n[ 1360.548971] do_syscall_64+0x55/0x120\n[ 1360.548982] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n\n[ 1360.548994] Freed by task 192222:\n[ 1360.548999] kasan_save_stack+0x20/0x40\n[ 1360.549009] kasan_save_track+0x14/0x30\n[ 1360.549019] kasan_save_free_info+0x3b/0x60\n[ 1360.549028] poison_slab_object+0x100/0x180\n[ 1360.549036] __kasan_slab_free+0x14/0x30\n[ 1360.549042] kfree+0xb6/0x260\n[ 1360.549049] __nft_release_table+0x473/0x6a0 [nf_tables]\n[ 1360.549131] nf_tables_exit_net+0x170/0x240 [nf_tables]\n[ 1360.549221] ops_exit_list+0x50/0xa0\n[ 1360.549229] free_exit_list+0x101/0x140\n[ 1360.549236] unregister_pernet_operations+0x107/0x160\n[ 1360.549245] unregister_pernet_subsys+0x1c/0x30\n[ 1360.549254] nf_tables_module_exit+0x43/0x80 [nf_tables]\n[ 1360.549345] __do_sys_delete_module+0x253/0x370\n[ 1360.549352] do_syscall_64+0x55/0x120\n[ 1360.549360] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n\n(gdb) list *__nft_release_table+0x473\n0x1e033 is in __nft_release_table (net/netfilter/nf_tables_api.c:11354).\n11349 list_for_each_entry_safe(flowtable, nf, \u0026table-\u003eflowtables, list) {\n11350 list_del(\u0026flowtable-\u003elist);\n11351 nft_use_dec(\u0026table-\u003euse);\n11352 nf_tables_flowtable_destroy(flowtable);\n11353 }\n11354 list_for_each_entry_safe(set, ns, \u0026table-\u003esets, list) {\n11355 list_del(\u0026set-\u003elist);\n11356 nft_use_dec(\u0026table-\u003euse);\n11357 if (set-\u003eflags \u0026 (NFT_SET_MAP | NFT_SET_OBJECT))\n11358 nft_map_deactivat\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: flush pending destroy work before exit_net release", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35899" }, { "category": "external", "summary": "RHBZ#2281667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281667" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35899", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35899" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35899", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35899" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35899-c56a@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35899-c56a@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nf_tables: flush pending destroy work before exit_net release" }, { "cve": "CVE-2024-35900", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281664" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject new basechain after table flag update\n\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\niterating over current chains in table (existing and new).\n\nThe following configuration allows for an inconsistent state:\n\n add table x\n add chain x y { type filter hook input priority 0; }\n add table x { flags dormant; }\n add chain x w { type filter hook input priority 1; }\n\nwhich triggers the following warning when trying to unregister chain w\nwhich is already unregistered.\n\n[ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:50 1 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[ 127.322519] Call Trace:\n[ 127.322521] \u003cTASK\u003e\n[ 127.322524] ? __warn+0x9f/0x1a0\n[ 127.322531] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322537] ? report_bug+0x1b1/0x1e0\n[ 127.322545] ? handle_bug+0x3c/0x70\n[ 127.322552] ? exc_invalid_op+0x17/0x40\n[ 127.322556] ? asm_exc_invalid_op+0x1a/0x20\n[ 127.322563] ? kasan_save_free_info+0x3b/0x60\n[ 127.322570] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322577] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322583] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322590] ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]\n[ 127.322655] nft_table_disable+0x75/0xf0 [nf_tables]\n[ 127.322717] nf_tables_commit+0x2571/0x2620 [nf_tables]", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: reject new basechain after table flag update", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35900" }, { "category": "external", "summary": "RHBZ#2281664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35900", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35900" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35900-c2c9@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35900-c2c9@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: netfilter: nf_tables: reject new basechain after table flag update" }, { "cve": "CVE-2024-35910", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281641" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: properly terminate timers for kernel sockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35910" }, { "category": "external", "summary": "RHBZ#2281641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281641" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35910", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35910" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051955-CVE-2024-35910-5f95@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051955-CVE-2024-35910-5f95@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tcp: properly terminate timers for kernel sockets" }, { "cve": "CVE-2024-35912", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281636" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: rfi: fix potential response leaks\n\nIf the rx payload length check fails, or if kmemdup() fails,\nwe still need to free the command response. Fix that.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35912" }, { "category": "external", "summary": "RHBZ#2281636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35912", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35912" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35912", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35912" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051956-CVE-2024-35912-b093@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051956-CVE-2024-35912-b093@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks" }, { "cve": "CVE-2024-35924", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281758" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Limit read size on v1.2\n\nBetween UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was\nincreased from 16 to 256. In order to avoid overflowing reads for older\nsystems, add a mechanism to use the read UCSI version to truncate read\nsizes on UCSI v1.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: typec: ucsi: Limit read size on v1.2", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35924" }, { "category": "external", "summary": "RHBZ#2281758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281758" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35924", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35924" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35924", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35924" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35924-90f6@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: usb: typec: ucsi: Limit read size on v1.2" }, { "cve": "CVE-2024-35925", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281752" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst-\u003enr_samples + src-\u003enr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: block: prevent division by zero in blk_rq_stat_sum()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35925" }, { "category": "external", "summary": "RHBZ#2281752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281752" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35925", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35925" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35925", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35925" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35925-fa17@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35925-fa17@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: block: prevent division by zero in blk_rq_stat_sum()" }, { "cve": "CVE-2024-35930", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281519" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()\n\nThe call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an\nunsuccessful status. In such cases, the elsiocb is not issued, the\ncompletion is not called, and thus the elsiocb resource is leaked.\n\nCheck return value after calling lpfc_sli4_resume_rpi() and conditionally\nrelease the elsiocb resource.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35930" }, { "category": "external", "summary": "RHBZ#2281519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35930", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35930" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35930", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35930" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051916-CVE-2024-35930-5571@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051916-CVE-2024-35930-5571@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()" }, { "cve": "CVE-2024-35937", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281821" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: cfg80211: check A-MSDU format more carefully", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35937" }, { "category": "external", "summary": "RHBZ#2281821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281821" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35937", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35937" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35937", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35937" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35937-0415@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35937-0415@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: cfg80211: check A-MSDU format more carefully" }, { "cve": "CVE-2024-35938", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281819" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: decrease MHI channel buffer length to 8KB\n\nCurrently buf_len field of ath11k_mhi_config_qca6390 is assigned\nwith 0, making MHI use a default size, 64KB, to allocate channel\nbuffers. This is likely to fail in some scenarios where system\nmemory is highly fragmented and memory compaction or reclaim is\nnot allowed.\n\nThere is a fail report which is caused by it:\nkworker/u32:45: page allocation failure: order:4, mode:0x40c00(GFP_NOIO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0\nCPU: 0 PID: 19318 Comm: kworker/u32:45 Not tainted 6.8.0-rc3-1.gae4495f-default #1 openSUSE Tumbleweed (unreleased) 493b6d5b382c603654d7a81fc3c144d59a1dfceb\nWorkqueue: events_unbound async_run_entry_fn\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x60\n warn_alloc+0x13a/0x1b0\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __alloc_pages_direct_compact+0xab/0x210\n __alloc_pages_slowpath.constprop.0+0xd3e/0xda0\n __alloc_pages+0x32d/0x350\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __kmalloc_large_node+0x72/0x110\n __kmalloc+0x37c/0x480\n ? mhi_map_single_no_bb+0x77/0xf0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __mhi_prepare_for_transfer+0x44/0x80 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? __pfx_____mhi_prepare_for_transfer+0x10/0x10 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n device_for_each_child+0x5c/0xa0\n ? __pfx_pci_pm_resume+0x10/0x10\n ath11k_core_resume+0x65/0x100 [ath11k a5094e22d7223135c40d93c8f5321cf09fd85e4e]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ath11k_pci_pm_resume+0x32/0x60 [ath11k_pci 830b7bfc3ea80ebef32e563cafe2cb55e9cc73ec]\n ? srso_alias_return_thunk+0x5/0xfbef5\n dpm_run_callback+0x8c/0x1e0\n device_resume+0x104/0x340\n ? __pfx_dpm_watchdog_handler+0x10/0x10\n async_resume+0x1d/0x30\n async_run_entry_fn+0x32/0x120\n process_one_work+0x168/0x330\n worker_thread+0x2f5/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe8/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nActually those buffers are used only by QMI target -\u003e host communication.\nAnd for WCN6855 and QCA6390, the largest packet size for that is less\nthan 6KB. So change buf_len field to 8KB, which results in order 1\nallocation if page size is 4KB. In this way, we can at least save some\nmemory, and as well as decrease the possibility of allocation failure\nin those scenarios.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35938" }, { "category": "external", "summary": "RHBZ#2281819", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281819" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35938", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35938" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35938", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35938" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35938-0100@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35938-0100@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB" }, { "cve": "CVE-2024-35946", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281833" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix null pointer access when abort scan\n\nDuring cancel scan we might use vif that weren\u0027t scanning.\nFix this by using the actual scanning vif.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: rtw89: fix null pointer access when abort scan", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35946" }, { "category": "external", "summary": "RHBZ#2281833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281833" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35946", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35946" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35946", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35946" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051921-CVE-2024-35946-c2c2@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: wifi: rtw89: fix null pointer access when abort scan" }, { "cve": "CVE-2024-35947", "discovery_date": "2024-05-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281510" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndyndbg: fix old BUG_ON in \u003econtrol parser\n\nFix a BUG_ON from 2009. Even if it looks \"unreachable\" (I didn\u0027t\nreally look), lets make sure by removing it, doing pr_err and return\n-EINVAL instead.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dyndbg: fix old BUG_ON in \u0026gt;control parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35947" }, { "category": "external", "summary": "RHBZ#2281510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281510" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35947", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35947" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35947", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35947" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35947-09bb@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35947-09bb@gregkh/T" } ], "release_date": "2024-05-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: dyndbg: fix old BUG_ON in \u0026gt;control parser" }, { "cve": "CVE-2024-35952", "discovery_date": "2024-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281938" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost\u0027s VGA driver. Even the most time-consuming task, DP\u0027s link\ntraining, is less than 100ms. 200ms should be enough.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/ast: Fix soft lockup", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-35952" }, { "category": "external", "summary": "RHBZ#2281938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281938" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35952", "url": "https://www.cve.org/CVERecord?id=CVE-2024-35952" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35952", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35952" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052017-CVE-2024-35952-645b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052017-CVE-2024-35952-645b@gregkh/T" } ], "release_date": "2024-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/ast: Fix soft lockup" }, { "cve": "CVE-2024-36000", "discovery_date": "2024-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281968" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix missing hugetlb_lock for resv uncharge\n\nThere is a recent report on UFFDIO_COPY over hugetlb:\n\nhttps://lore.kernel.org/all/000000000000ee06de0616177560@google.com/\n\n350:\tlockdep_assert_held(\u0026hugetlb_lock);\n\nShould be an issue in hugetlb but triggered in an userfault context, where\nit goes into the unlikely path where two threads modifying the resv map\ntogether. Mike has a fix in that path for resv uncharge but it looks like\nthe locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd()\nwill update the cgroup pointer, so it requires to be called with the lock\nheld.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36000" }, { "category": "external", "summary": "RHBZ#2281968", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281968" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36000", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36000", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36000" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T" } ], "release_date": "2024-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge" }, { "cve": "CVE-2024-36005", "discovery_date": "2024-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281949" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: honor table dormant flag from netdev release event path\n\nCheck for table dormant flag otherwise netdev release event path tries\nto unregister an already unregistered hook.\n\n[524854.857999] ------------[ cut here ]------------\n[524854.858010] WARNING: CPU: 0 PID: 3386599 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[524854.858848] CPU: 0 PID: 3386599 Comm: kworker/u32:2 Not tainted 6.9.0-rc3+ #365\n[524854.858869] Workqueue: netns cleanup_net\n[524854.858886] RIP: 0010:__nf_unregister_net_hook+0x21a/0x260\n[524854.858903] Code: 24 e8 aa 73 83 ff 48 63 43 1c 83 f8 01 0f 85 3d ff ff ff e8 98 d1 f0 ff 48 8b 3c 24 e8 8f 73 83 ff 48 63 43 1c e9 26 ff ff ff \u003c0f\u003e 0b 48 83 c4 18 48 c7 c7 00 68 e9 82 5b 5d 41 5c 41 5d 41 5e 41\n[524854.858914] RSP: 0018:ffff8881e36d79e0 EFLAGS: 00010246\n[524854.858926] RAX: 0000000000000000 RBX: ffff8881339ae790 RCX: ffffffff81ba524a\n[524854.858936] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881c8a16438\n[524854.858945] RBP: ffff8881c8a16438 R08: 0000000000000001 R09: ffffed103c6daf34\n[524854.858954] R10: ffff8881e36d79a7 R11: 0000000000000000 R12: 0000000000000005\n[524854.858962] R13: ffff8881c8a16000 R14: 0000000000000000 R15: ffff8881351b5a00\n[524854.858971] FS: 0000000000000000(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[524854.858982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[524854.858991] CR2: 00007fc9be0f16f4 CR3: 00000001437cc004 CR4: 00000000001706f0\n[524854.859000] Call Trace:\n[524854.859006] \u003cTASK\u003e\n[524854.859013] ? __warn+0x9f/0x1a0\n[524854.859027] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859044] ? report_bug+0x1b1/0x1e0\n[524854.859060] ? handle_bug+0x3c/0x70\n[524854.859071] ? exc_invalid_op+0x17/0x40\n[524854.859083] ? asm_exc_invalid_op+0x1a/0x20\n[524854.859100] ? __nf_unregister_net_hook+0x6a/0x260\n[524854.859116] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859135] nf_tables_netdev_event+0x337/0x390 [nf_tables]\n[524854.859304] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859461] ? packet_notifier+0xb3/0x360\n[524854.859476] ? _raw_spin_unlock_irqrestore+0x11/0x40\n[524854.859489] ? dcbnl_netdevice_event+0x35/0x140\n[524854.859507] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859661] notifier_call_chain+0x7d/0x140\n[524854.859677] unregister_netdevice_many_notify+0x5e1/0xae0", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36005" }, { "category": "external", "summary": "RHBZ#2281949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281949" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36005", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36005", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36005" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052024-CVE-2024-36005-2336@gregkh/T" } ], "release_date": "2024-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path" }, { "cve": "CVE-2024-36006", "discovery_date": "2024-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2281989" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage\n\nBoth the function that migrates all the chunks within a region and the\nfunction that migrates all the entries within a chunk call\nlist_first_entry() on the respective lists without checking that the\nlists are not empty. This is incorrect usage of the API, which leads to\nthe following warning [1].\n\nFix by returning if the lists are empty as there is nothing to migrate\nin this case.\n\n[1]\nWARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0\u003e\nModules linked in:\nCPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36006" }, { "category": "external", "summary": "RHBZ#2281989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281989" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36006", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36006" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36006", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36006" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052025-CVE-2024-36006-c032@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052025-CVE-2024-36006-c032@gregkh/T" } ], "release_date": "2024-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage" }, { "cve": "CVE-2024-36010", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-05-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2282950" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix string truncation warnings in igb_set_fw_version\n\nCommit 1978d3ead82c (\"intel: fix string truncation warnings\")\nfixes \u0027-Wformat-truncation=\u0027 warnings in igb_main.c by using kasprintf.\n\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning\uff1a\u2018%d\u2019 directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note\uff1adirective argument in the range [0, 65535]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note\uff1adirective argument in the range [0, 65535]\ndrivers/net/ethernet/intel/igb/igb_main.c:3090:25: note\uff1a\u2018snprintf\u2019 output between 23 and 43 bytes into a destination of size 32\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\n\nFix this warning by using a larger space for adapter-\u003efw_version,\nand then fall back and continue to use snprintf.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: igb: Fix string truncation warnings in igb_set_fw_version", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36010" }, { "category": "external", "summary": "RHBZ#2282950", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282950" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36010", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36010" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36010", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36010" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052237-CVE-2024-36010-c98b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052237-CVE-2024-36010-c98b@gregkh/T" } ], "release_date": "2024-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: igb: Fix string truncation warnings in igb_set_fw_version" }, { "cve": "CVE-2024-36016", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2024-05-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2283894" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n\nAssuming the following:\n- side A configures the n_gsm in basic option mode\n- side B sends the header of a basic option mode frame with data length 1\n- side A switches to advanced option mode\n- side B sends 2 data bytes which exceeds gsm-\u003elen\n Reason: gsm-\u003elen is not used in advanced option mode.\n- side A switches to basic option mode\n- side B keeps sending until gsm0_receive() writes past gsm-\u003ebuf\n Reason: Neither gsm-\u003estate nor gsm-\u003elen have been reset after\n reconfiguration.\n\nFix this by changing gsm-\u003ecount to gsm-\u003elen comparison from equal to less\nthan. Also add upper limit checks against the constant MAX_MRU in\ngsm0_receive() and gsm1_receive() to harden against memory corruption of\ngsm-\u003elen and gsm-\u003emru.\n\nAll other checks remain as we still need to limit the data according to the\nuser configuration and actual payload size.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36016" }, { "category": "external", "summary": "RHBZ#2283894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283894" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36016", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36016" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36016", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36016" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024052947-CVE-2024-36016-d30a@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024052947-CVE-2024-36016-d30a@gregkh/T" } ], "release_date": "2024-05-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive()" }, { "cve": "CVE-2024-36017", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284417" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36017" }, { "category": "external", "summary": "RHBZ#2284417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284417" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36017", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36017", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36017" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053015-CVE-2024-36017-bf96@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053015-CVE-2024-36017-bf96@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation" }, { "cve": "CVE-2024-36020", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284400" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s Ethernet Controller XL710 family driver. This flaw allows a local user to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: i40e: fix vf may be used uninitialized in this function warning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36020" }, { "category": "external", "summary": "RHBZ#2284400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284400" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36020", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36020" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36020", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36020" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "To mitigate this issue, prevent the i40e module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to prevent it from loading automatically.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: i40e: fix vf may be used uninitialized in this function warning" }, { "cve": "CVE-2024-36025", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284421" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix off by one in qla_edif_app_getstats()\n\nThe app_reply-\u003eelem[] array is allocated earlier in this function and it\nhas app_req.num_ports elements. Thus this \u003e comparison needs to be \u003e= to\nprevent memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36025" }, { "category": "external", "summary": "RHBZ#2284421", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284421" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36025", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36025" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36025", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36025" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36025-95e0@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36025-95e0@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()" }, { "cve": "CVE-2024-36270", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293653" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: tproxy: bail out if IP has been disabled on the device\n\nsyzbot reports:\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n[..]\nRIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62\nCall Trace:\n nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline]\n nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168\n\n__in_dev_get_rcu() can return NULL, so check for this.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: tproxy: bail out if IP has been disabled on the device", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36270" }, { "category": "external", "summary": "RHBZ#2293653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36270", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36270" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36270", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36270" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36270-f7f7@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36270-f7f7@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: tproxy: bail out if IP has been disabled on the device" }, { "cve": "CVE-2024-36286", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293711" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()\n\nsyzbot reported that nf_reinject() could be called without rcu_read_lock() :\n\nWARNING: suspicious RCU usage\n6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0 Not tainted\n\nnet/netfilter/nfnetlink_queue.c:263 suspicious rcu_dereference_check() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n2 locks held by syz-executor.4/13427:\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2190 [inline]\n #0: ffffffff8e334f60 (rcu_callback){....}-{0:0}, at: rcu_core+0xa86/0x1830 kernel/rcu/tree.c:2471\n #1: ffff88801ca92958 (\u0026inst-\u003elock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n #1: ffff88801ca92958 (\u0026inst-\u003elock){+.-.}-{2:2}, at: nfqnl_flush net/netfilter/nfnetlink_queue.c:405 [inline]\n #1: ffff88801ca92958 (\u0026inst-\u003elock){+.-.}-{2:2}, at: instance_destroy_rcu+0x30/0x220 net/netfilter/nfnetlink_queue.c:172\n\nstack backtrace:\nCPU: 0 PID: 13427 Comm: syz-executor.4 Not tainted 6.9.0-rc7-syzkaller-02060-g5c1672705a1a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nf_reinject net/netfilter/nfnetlink_queue.c:323 [inline]\n nfqnl_reinject+0x6ec/0x1120 net/netfilter/nfnetlink_queue.c:397\n nfqnl_flush net/netfilter/nfnetlink_queue.c:410 [inline]\n instance_destroy_rcu+0x1ae/0x220 net/netfilter/nfnetlink_queue.c:172\n rcu_do_batch kernel/rcu/tree.c:2196 [inline]\n rcu_core+0xafd/0x1830 kernel/rcu/tree.c:2471\n handle_softirqs+0x2d6/0x990 kernel/softirq.c:554\n __do_softirq kernel/softirq.c:588 [inline]\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:649\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n \u003c/IRQ\u003e\n \u003cTASK\u003e", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36286" }, { "category": "external", "summary": "RHBZ#2293711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293711" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36286", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36286" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36286", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36286" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36286-ebd5@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062135-CVE-2024-36286-ebd5@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()" }, { "cve": "CVE-2024-36489", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293687" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix missing memory barrier in tls_init\n\nIn tls_init(), a write memory barrier is missing, and store-store\nreordering may cause NULL dereference in tls_{setsockopt,getsockopt}.\n\nCPU0 CPU1\n----- -----\n// In tls_init()\n// In tls_ctx_create()\nctx = kzalloc()\nctx-\u003esk_proto = READ_ONCE(sk-\u003esk_prot) -(1)\n\n// In update_sk_prot()\nWRITE_ONCE(sk-\u003esk_prot, tls_prots) -(2)\n\n // In sock_common_setsockopt()\n READ_ONCE(sk-\u003esk_prot)-\u003esetsockopt()\n\n // In tls_{setsockopt,getsockopt}()\n ctx-\u003esk_proto-\u003esetsockopt() -(3)\n\nIn the above scenario, when (1) and (2) are reordered, (3) can observe\nthe NULL value of ctx-\u003esk_proto, causing NULL dereference.\n\nTo fix it, we rely on rcu_assign_pointer() which implies the release\nbarrier semantic. By moving rcu_assign_pointer() after ctx-\u003esk_proto is\ninitialized, we can ensure that ctx-\u003esk_proto are visible when\nchanging sk-\u003esk_prot.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tls: fix missing memory barrier in tls_init", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36489" }, { "category": "external", "summary": "RHBZ#2293687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293687" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36489", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36489" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062136-CVE-2024-36489-7213@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062136-CVE-2024-36489-7213@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tls: fix missing memory barrier in tls_init" }, { "cve": "CVE-2024-36886", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2277238" } ], "notes": [ { "category": "description", "text": "A use-after-free (UAF) flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipc_buf_append() function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on \"struct sk_buff\", which may lead to remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: TIPC message reassembly use-after-free remote code execution vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "While the TIPC module is not loaded by default, this flaw might be used as one in a series of attacks. For that reason, and because of the possibility of remote code execution on systems where this module has been loaded, Red Hat assesses the impact of this flaw as Important.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36886" }, { "category": "external", "summary": "RHBZ#2277238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277238" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36886", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36886" }, { "category": "external", "summary": "https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/", "url": "https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u", "url": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u" } ], "release_date": "2024-06-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "The TIPC module is not automatically loaded in default configurations. When required, administrative privileges are required to explicitly load this module.\nTo determine if the TIPC module is loaded, use the following command:\n# grep tipc /proc/modules\nLook for output similar to the following:\ntipc 479232 0 - Live 0xffffffffc1ba5000\nip6_udp_tunnel 16384 1 tipc, Live 0xffffffffc1b9b000\nudp_tunnel 32768 1 tipc, Live 0xffffffffc1b8b000\n\nLoading the module can be prevented with the following instructions:\n# echo \"install tipc /bin/true\" \u003e\u003e /etc/modprobe.d/disable-tipc.conf\nThe system will need to be restarted if the module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: TIPC message reassembly use-after-free remote code execution vulnerability" }, { "cve": "CVE-2024-36889", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "discovery_date": "2024-05-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284571" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_nxt is properly initialized on connect\n\nChristoph reported a splat hinting at a corrupted snd_una:\n\n WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Modules linked in:\n CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n Workqueue: events mptcp_worker\n RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8\n \t8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe\n \t\u003c0f\u003e 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9\n RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4\n RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000\n R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000\n FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline]\n mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline]\n __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615\n mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767\n process_one_work+0x1e0/0x560 kernel/workqueue.c:3254\n process_scheduled_works kernel/workqueue.c:3335 [inline]\n worker_thread+0x3c7/0x640 kernel/workqueue.c:3416\n kthread+0x121/0x170 kernel/kthread.c:388\n ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e\n\nWhen fallback to TCP happens early on a client socket, snd_nxt\nis not yet initialized and any incoming ack will copy such value\ninto snd_una. If the mptcp worker (dumbly) tries mptcp-level\nre-injection after such ack, that would unconditionally trigger a send\nbuffer cleanup using \u0027bad\u0027 snd_una values.\n\nWe could easily disable re-injection for fallback sockets, but such\ndumb behavior already helped catching a few subtle issues and a very\nlow to zero impact in practice.\n\nInstead address the issue always initializing snd_nxt (and write_seq,\nfor consistency) at connect time.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mptcp: ensure snd_nxt is properly initialized on connect", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36889" }, { "category": "external", "summary": "RHBZ#2284571", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284571" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36889", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36889" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36889", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36889" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36889-222d@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mptcp: ensure snd_nxt is properly initialized on connect" }, { "cve": "CVE-2024-36896", "cwe": { "id": "CWE-170", "name": "Improper Null Termination" }, "discovery_date": "2024-05-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284556" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix access violation during port device removal\n\nTesting with KASAN and syzkaller revealed a bug in port.c:disable_store():\nusb_hub_to_struct_hub() can return NULL if the hub that the port belongs to\nis concurrently removed, but the function does not check for this\npossibility before dereferencing the returned value.\n\nIt turns out that the first dereference is unnecessary, since hub-\u003eintfdev\nis the parent of the port device, so it can be changed easily. Adding a\ncheck for hub == NULL prevents further problems.\n\nThe same bug exists in the disable_show() routine, and it can be fixed the\nsame way.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: USB: core: Fix access violation during port device removal", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36896" }, { "category": "external", "summary": "RHBZ#2284556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284556" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36896", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36896" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36896-783f@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053034-CVE-2024-36896-783f@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: USB: core: Fix access violation during port device removal" }, { "cve": "CVE-2024-36904", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284541" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s TCP protocol in how a local user triggers a complex race condition during connection to the socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36904" }, { "category": "external", "summary": "RHBZ#2284541", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284541" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36904", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36904" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36904-2273@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36904-2273@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()." }, { "cve": "CVE-2024-36905", "cwe": { "id": "CWE-369", "name": "Divide By Zero" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284539" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -\u003e tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -\u003e TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk-\u003esk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 \u003c48\u003e f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36905" }, { "category": "external", "summary": "RHBZ#2284539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284539" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36905", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36905" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36905", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36905" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36905-5884@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053036-CVE-2024-36905-5884@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets" }, { "cve": "CVE-2024-36917", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284519" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of \u0027start + len\u0027 in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: block: fix overflow in blk_ioctl_discard()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36917" }, { "category": "external", "summary": "RHBZ#2284519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36917", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36917" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36917", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36917" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36917-f9e3@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36917-f9e3@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: block: fix overflow in blk_ioctl_discard()" }, { "cve": "CVE-2024-36921", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284513" } ], "notes": [ { "category": "description", "text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s Wireless WiFi Link Next-Gen AGN driver in how a user removes it. This flaw allows a local user to crash or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: iwlwifi: mvm: guard against invalid STA ID on removal", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36921" }, { "category": "external", "summary": "RHBZ#2284513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284513" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36921", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36921", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36921" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36921-9f90@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36921-9f90@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: iwlwifi: mvm: guard against invalid STA ID on removal" }, { "cve": "CVE-2024-36927", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284500" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix uninit-value access in __ip_make_skb()\n\nKMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb()\ntests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a\nrace condition. If calling setsockopt(2) with IP_HDRINCL changes HDRINCL\nwhile __ip_make_skb() is running, the function will access icmphdr in the\nskb even if it is not included. This causes the issue reported by KMSAN.\n\nCheck FLOWI_FLAG_KNOWN_NH on fl4-\u003eflowi4_flags instead of testing HDRINCL\non the socket.\n\nAlso, fl4-\u003efl4_icmp_type and fl4-\u003efl4_icmp_code are not initialized. These\nare union in struct flowi4 and are implicitly initialized by\nflowi4_init_output(), but we should not rely on specific union layout.\n\nInitialize these explicitly in raw_sendmsg().\n\n[1]\nBUG: KMSAN: uninit-value in __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n ip_finish_skb include/net/ip.h:243 [inline]\n ip_push_pending_frames+0x4c/0x5c0 net/ipv4/ip_output.c:1508\n raw_sendmsg+0x2381/0x2690 net/ipv4/raw.c:654\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x5f6/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35a/0x7c0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n __ip_append_data+0x49ab/0x68c0 net/ipv4/ip_output.c:1128\n ip_append_data+0x1e7/0x260 net/ipv4/ip_output.c:1365\n raw_sendmsg+0x22b1/0x2690 net/ipv4/raw.c:648\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 1 PID: 15709 Comm: syz-executor.7 Not tainted 6.8.0-11567-gb3603fcb79b1 #25\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipv4: Fix uninit-value access in __ip_make_skb()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36927" }, { "category": "external", "summary": "RHBZ#2284500", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284500" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36927", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36927" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36927", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36927" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36927-976e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36927-976e@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ipv4: Fix uninit-value access in __ip_make_skb()" }, { "cve": "CVE-2024-36929", "cwe": { "id": "CWE-822", "name": "Untrusted Pointer Dereference" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284496" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: core: reject skb_copy(_expand) for fraglist GSO skbs\n\nSKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become\ninvalid. Return NULL if such an skb is passed to skb_copy or\nskb_copy_expand, in order to prevent a crash on a potential later\ncall to skb_gso_segment.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36929" }, { "category": "external", "summary": "RHBZ#2284496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36929", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36929" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs" }, { "cve": "CVE-2024-36933", "cwe": { "id": "CWE-457", "name": "Use of Uninitialized Variable" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284488" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnsh: Restore skb-\u003e{protocol,data,mac_header} for outer header in nsh_gso_segment().\n\nsyzbot triggered various splats (see [0] and links) by a crafted GSO\npacket of VIRTIO_NET_HDR_GSO_UDP layering the following protocols:\n\n ETH_P_8021AD + ETH_P_NSH + ETH_P_IPV6 + IPPROTO_UDP\n\nNSH can encapsulate IPv4, IPv6, Ethernet, NSH, and MPLS. As the inner\nprotocol can be Ethernet, NSH GSO handler, nsh_gso_segment(), calls\nskb_mac_gso_segment() to invoke inner protocol GSO handlers.\n\nnsh_gso_segment() does the following for the original skb before\ncalling skb_mac_gso_segment()\n\n 1. reset skb-\u003enetwork_header\n 2. save the original skb-\u003e{mac_heaeder,mac_len} in a local variable\n 3. pull the NSH header\n 4. resets skb-\u003emac_header\n 5. set up skb-\u003emac_len and skb-\u003eprotocol for the inner protocol.\n\nand does the following for the segmented skb\n\n 6. set ntohs(ETH_P_NSH) to skb-\u003eprotocol\n 7. push the NSH header\n 8. restore skb-\u003emac_header\n 9. set skb-\u003emac_header + mac_len to skb-\u003enetwork_header\n 10. restore skb-\u003emac_len\n\nThere are two problems in 6-7 and 8-9.\n\n (a)\n After 6 \u0026 7, skb-\u003edata points to the NSH header, so the outer header\n (ETH_P_8021AD in this case) is stripped when skb is sent out of netdev.\n\n Also, if NSH is encapsulated by NSH + Ethernet (so NSH-Ethernet-NSH),\n skb_pull() in the first nsh_gso_segment() will make skb-\u003edata point\n to the middle of the outer NSH or Ethernet header because the Ethernet\n header is not pulled by the second nsh_gso_segment().\n\n (b)\n While restoring skb-\u003e{mac_header,network_header} in 8 \u0026 9,\n nsh_gso_segment() does not assume that the data in the linear\n buffer is shifted.\n\n However, udp6_ufo_fragment() could shift the data and change\n skb-\u003emac_header accordingly as demonstrated by syzbot.\n\n If this happens, even the restored skb-\u003emac_header points to\n the middle of the outer header.\n\nIt seems nsh_gso_segment() has never worked with outer headers so far.\n\nAt the end of nsh_gso_segment(), the outer header must be restored for\nthe segmented skb, instead of the NSH header.\n\nTo do that, let\u0027s calculate the outer header position relatively from\nthe inner header and set skb-\u003e{data,mac_header,protocol} properly.\n\n[0]:\nBUG: KMSAN: uninit-value in ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:524 [inline]\nBUG: KMSAN: uninit-value in ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\nBUG: KMSAN: uninit-value in ipvlan_queue_xmit+0xf44/0x16b0 drivers/net/ipvlan/ipvlan_core.c:668\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:524 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n ipvlan_queue_xmit+0xf44/0x16b0 drivers/net/ipvlan/ipvlan_core.c:668\n ipvlan_start_xmit+0x5c/0x1a0 drivers/net/ipvlan/ipvlan_main.c:222\n __netdev_start_xmit include/linux/netdevice.h:4989 [inline]\n netdev_start_xmit include/linux/netdevice.h:5003 [inline]\n xmit_one net/core/dev.c:3547 [inline]\n dev_hard_start_xmit+0x244/0xa10 net/core/dev.c:3563\n __dev_queue_xmit+0x33ed/0x51c0 net/core/dev.c:4351\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n __do_kmalloc_node mm/slub.c:3980 [inline]\n __kmalloc_node_track_caller+0x705/0x1000 mm/slub.c:4001\n kmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\n __\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nsh: Restore skb-\u0026gt;{protocol,data,mac_header} for outer header in nsh_gso_segment().", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36933" }, { "category": "external", "summary": "RHBZ#2284488", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284488" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36933", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36933" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36933", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36933" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053042-CVE-2024-36933-444e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053042-CVE-2024-36933-444e@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: nsh: Restore skb-\u0026gt;{protocol,data,mac_header} for outer header in nsh_gso_segment()." }, { "cve": "CVE-2024-36940", "cwe": { "id": "CWE-415", "name": "Double Free" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284477" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: pinctrl: core: delete incorrect free in pinctrl_enable()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36940" }, { "category": "external", "summary": "RHBZ#2284477", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284477" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36940", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36940" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36940", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36940" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36940-0c83@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36940-0c83@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: pinctrl: core: delete incorrect free in pinctrl_enable()" }, { "cve": "CVE-2024-36941", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284474" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: don\u0027t free NULL coalescing rule\n\nIf the parsing fails, we can dereference a NULL pointer here.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: nl80211: don\u0026#39;t free NULL coalescing rule", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36941" }, { "category": "external", "summary": "RHBZ#2284474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284474" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36941", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36941", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36941" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36941-b3a3@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053043-CVE-2024-36941-b3a3@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: nl80211: don\u0026#39;t free NULL coalescing rule" }, { "cve": "CVE-2024-36950", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-05-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284625" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can\u0027t clear the bus\nreset event flag in irq_handler, because we won\u0027t service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won\u0027t be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: firewire: ohci: mask bus reset interrupts between ISR and bottom half", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36950" }, { "category": "external", "summary": "RHBZ#2284625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284625" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36950", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36950" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36950", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36950" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36950-9f0e@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36950-9f0e@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: firewire: ohci: mask bus reset interrupts between ISR and bottom half" }, { "cve": "CVE-2024-36954", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-05-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284590" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tipc: fix a possible memleak in tipc_buf_append", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36954" }, { "category": "external", "summary": "RHBZ#2284590", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284590" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36954", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36954" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36954", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36954" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36954-b1b8@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053040-CVE-2024-36954-b1b8@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tipc: fix a possible memleak in tipc_buf_append" }, { "cve": "CVE-2024-36960", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2024-06-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2290408" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat\u0027s actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm/vmwgfx: Fix invalid reads in fence signaled events", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36960" }, { "category": "external", "summary": "RHBZ#2290408", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290408" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36960", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36960" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36960", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36960" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024060341-CVE-2024-36960-d1bf@gregkh/T" } ], "release_date": "2024-06-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: drm/vmwgfx: Fix invalid reads in fence signaled events" }, { "cve": "CVE-2024-36971", "discovery_date": "2024-06-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292331" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u0027s network route management. This flaw allows an attacker to alter the behavior of certain network connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: kernel: UAF in network route management", "title": "Vulnerability summary" }, { "category": "other", "text": "Environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971. Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them. This problem stems from modules which use the `negative_advice()` function.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36971" }, { "category": "external", "summary": "RHBZ#2292331", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36971", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T", "url": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2024-06-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2024-08-07T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "kernel: net: kernel: UAF in network route management" }, { "cve": "CVE-2024-36978", "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293078" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sch_multiq: fix possible OOB write in multiq_tune()\n\nq-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic\nafter kmalloc. So the old q-\u003ebands should not be used in kmalloc.\nOtherwise, an out-of-bounds write will occur.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36978" }, { "category": "external", "summary": "RHBZ#2293078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293078" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36978", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36978" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36978", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36978" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061926-CVE-2024-36978-b4b8@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061926-CVE-2024-36978-b4b8@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune()" }, { "cve": "CVE-2024-36979", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293276" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: fix vlan use-after-free\n\nsyzbot reported a suspicious rcu usage[1] in bridge\u0027s mst code. While\nfixing it I noticed that nothing prevents a vlan to be freed while\nwalking the list from the same path (br forward delay timer). Fix the rcu\nusage and also make sure we are not accessing freed memory by making\nbr_mst_vlan_set_state use rcu read lock.\n\n[1]\n WARNING: suspicious RCU usage\n 6.9.0-rc6-syzkaller #0 Not tainted\n -----------------------------\n net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage!\n ...\n stack backtrace:\n CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n Call Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nbp_vlan_group net/bridge/br_private.h:1599 [inline]\n br_mst_set_state+0x1ea/0x650 net/bridge/br_mst.c:105\n br_set_state+0x28a/0x7b0 net/bridge/br_stp.c:47\n br_forward_delay_timer_expired+0x176/0x440 net/bridge/br_stp_timer.c:88\n call_timer_fn+0x18e/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2429\n run_timer_base kernel/time/timer.c:2438 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2448\n __do_softirq+0x2c6/0x980 kernel/softirq.c:554\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:645\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758\n Code: 2b 00 74 08 4c 89 f7 e8 ba d1 84 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25\n RSP: 0018:ffffc90013657100 EFLAGS: 00000206\n RAX: 0000000000000001 RBX: 1ffff920026cae2c RCX: 0000000000000001\n RDX: dffffc0000000000 RSI: ffffffff8bcaca00 RDI: ffffffff8c1eaa60\n RBP: ffffc90013657260 R08: ffffffff92efe507 R09: 1ffffffff25dfca0\n R10: dffffc0000000000 R11: fffffbfff25dfca1 R12: 1ffff920026cae28\n R13: dffffc0000000000 R14: ffffc90013657160 R15: 0000000000000246", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: bridge: mst: fix vlan use-after-free", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36979" }, { "category": "external", "summary": "RHBZ#2293276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36979", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36979", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36979" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061945-CVE-2024-36979-b4a6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061945-CVE-2024-36979-b4a6@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: bridge: mst: fix vlan use-after-free" }, { "cve": "CVE-2024-38538", "cwe": { "id": "CWE-99", "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293461" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: xmit: make sure we have at least eth header len bytes\n\nsyzbot triggered an uninit value[1] error in bridge device\u0027s xmit path\nby sending a short (less than ETH_HLEN bytes) skb. To fix it check if\nwe can actually pull that amount instead of assuming.\n\nTested with dropwatch:\n drop at: br_dev_xmit+0xb93/0x12d0 [bridge] (0xffffffffc06739b3)\n origin: software\n timestamp: Mon May 13 11:31:53 2024 778214037 nsec\n protocol: 0x88a8\n length: 2\n original length: 2\n drop reason: PKT_TOO_SMALL\n\n[1]\nBUG: KMSAN: uninit-value in br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n __netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n netdev_start_xmit include/linux/netdevice.h:4917 [inline]\n xmit_one net/core/dev.c:3531 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3547\n __dev_queue_xmit+0x34db/0x5350 net/core/dev.c:4341\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n __bpf_tx_skb net/core/filter.c:2136 [inline]\n __bpf_redirect_common net/core/filter.c:2180 [inline]\n __bpf_redirect+0x14a6/0x1620 net/core/filter.c:2187\n ____bpf_clone_redirect net/core/filter.c:2460 [inline]\n bpf_clone_redirect+0x328/0x470 net/core/filter.c:2432\n ___bpf_prog_run+0x13fe/0xe0f0 kernel/bpf/core.c:1997\n __bpf_prog_run512+0xb5/0xe0 kernel/bpf/core.c:2238\n bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]\n __bpf_prog_run include/linux/filter.h:657 [inline]\n bpf_prog_run include/linux/filter.h:664 [inline]\n bpf_test_run+0x499/0xc30 net/bpf/test_run.c:425\n bpf_prog_test_run_skb+0x14ea/0x1f20 net/bpf/test_run.c:1058\n bpf_prog_test_run+0x6b7/0xad0 kernel/bpf/syscall.c:4269\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5678\n __do_sys_bpf kernel/bpf/syscall.c:5767 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5765 [inline]\n __x64_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5765\n x64_sys_call+0x96b/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net: bridge: xmit: make sure we have at least eth header len bytes", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38538" }, { "category": "external", "summary": "RHBZ#2293461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38538", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38538", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38538" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38538-e28a@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38538-e28a@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net: bridge: xmit: make sure we have at least eth header len bytes" }, { "cve": "CVE-2024-38555", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293444" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Discard command completions in internal error\n\nFix use after free when FW completion arrives while device is in\ninternal error state. Avoid calling completion handler in this case,\nsince the device will flush the command interface and trigger all\ncompletions manually.\n\nKernel log:\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\n...\nRIP: 0010:refcount_warn_saturate+0xd8/0xe0\n...\nCall Trace:\n\u003cIRQ\u003e\n? __warn+0x79/0x120\n? refcount_warn_saturate+0xd8/0xe0\n? report_bug+0x17c/0x190\n? handle_bug+0x3c/0x60\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? refcount_warn_saturate+0xd8/0xe0\ncmd_ent_put+0x13b/0x160 [mlx5_core]\nmlx5_cmd_comp_handler+0x5f9/0x670 [mlx5_core]\ncmd_comp_notifier+0x1f/0x30 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nmlx5_eq_async_int+0xf6/0x290 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nirq_int_handler+0x19/0x30 [mlx5_core]\n__handle_irq_event_percpu+0x4b/0x160\nhandle_irq_event+0x2e/0x80\nhandle_edge_irq+0x98/0x230\n__common_interrupt+0x3b/0xa0\ncommon_interrupt+0x7b/0xa0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_common_interrupt+0x22/0x40", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/mlx5: Discard command completions in internal error", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38555" }, { "category": "external", "summary": "RHBZ#2293444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293444" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38555", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38555" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38555", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38555" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38555-aefb@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061952-CVE-2024-38555-aefb@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/mlx5: Discard command completions in internal error" }, { "cve": "CVE-2024-38573", "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293420" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in cppc_cpufreq_get_rate() in the Linux kernel. This issue may result in a crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: cppc_cpufreq: Fix possible null pointer dereference", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38573" }, { "category": "external", "summary": "RHBZ#2293420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293420" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38573", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38573" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38573", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38573" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38573-d4b6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061957-CVE-2024-38573-d4b6@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: cppc_cpufreq: Fix possible null pointer dereference" }, { "cve": "CVE-2024-38575", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293418" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: pcie: handle randbuf allocation failure\n\nThe kzalloc() in brcmf_pcie_download_fw_nvram() will return null\nif the physical memory has run out. As a result, if we use\nget_random_bytes() to generate random bytes in the randbuf, the\nnull pointer dereference bug will happen.\n\nIn order to prevent allocation failure, this patch adds a separate\nfunction using buffer on kernel stack to generate random bytes in\nthe randbuf, which could prevent the kernel stack from overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: brcmfmac: pcie: handle randbuf allocation failure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38575" }, { "category": "external", "summary": "RHBZ#2293418", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293418" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38575", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38575", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38575" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061946-CVE-2024-38575-8b6b@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061946-CVE-2024-38575-8b6b@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: wifi: brcmfmac: pcie: handle randbuf allocation failure" }, { "cve": "CVE-2024-38596", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293371" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix data races in unix_release_sock/unix_stream_sendmsg\n\nA data-race condition has been identified in af_unix. In one data path,\nthe write function unix_release_sock() atomically writes to\nsk-\u003esk_shutdown using WRITE_ONCE. However, on the reader side,\nunix_stream_sendmsg() does not read it atomically. Consequently, this\nissue is causing the following KCSAN splat to occur:\n\n\tBUG: KCSAN: data-race in unix_release_sock / unix_stream_sendmsg\n\n\twrite (marked) to 0xffff88867256ddbb of 1 bytes by task 7270 on cpu 28:\n\tunix_release_sock (net/unix/af_unix.c:640)\n\tunix_release (net/unix/af_unix.c:1050)\n\tsock_close (net/socket.c:659 net/socket.c:1421)\n\t__fput (fs/file_table.c:422)\n\t__fput_sync (fs/file_table.c:508)\n\t__se_sys_close (fs/open.c:1559 fs/open.c:1541)\n\t__x64_sys_close (fs/open.c:1541)\n\tx64_sys_call (arch/x86/entry/syscall_64.c:33)\n\tdo_syscall_64 (arch/x86/entry/common.c:?)\n\tentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n\tread to 0xffff88867256ddbb of 1 bytes by task 989 on cpu 14:\n\tunix_stream_sendmsg (net/unix/af_unix.c:2273)\n\t__sock_sendmsg (net/socket.c:730 net/socket.c:745)\n\t____sys_sendmsg (net/socket.c:2584)\n\t__sys_sendmmsg (net/socket.c:2638 net/socket.c:2724)\n\t__x64_sys_sendmmsg (net/socket.c:2753 net/socket.c:2750 net/socket.c:2750)\n\tx64_sys_call (arch/x86/entry/syscall_64.c:33)\n\tdo_syscall_64 (arch/x86/entry/common.c:?)\n\tentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n\tvalue changed: 0x01 -\u003e 0x03\n\nThe line numbers are related to commit dd5a440a31fa (\"Linux 6.9-rc7\").\n\nCommit e1d09c2c2f57 (\"af_unix: Fix data races around sk-\u003esk_shutdown.\")\naddressed a comparable issue in the past regarding sk-\u003esk_shutdown.\nHowever, it overlooked resolving this particular data path.\nThis patch only offending unix_stream_sendmsg() function, since the\nother reads seem to be protected by unix_state_lock() as discussed in", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38596" }, { "category": "external", "summary": "RHBZ#2293371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293371" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38596", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38596" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38596", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38596" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38596-f660@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061956-CVE-2024-38596-f660@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg" }, { "cve": "CVE-2024-38615", "cwe": { "id": "CWE-459", "name": "Incomplete Cleanup" }, "discovery_date": "2024-06-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293348" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: exit() callback is optional\n\nThe exit() callback is optional and shouldn\u0027t be called without checking\na valid pointer first.\n\nAlso, we must clear freq_table pointer even if the exit() callback isn\u0027t\npresent.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: cpufreq: exit() callback is optional", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38615" }, { "category": "external", "summary": "RHBZ#2293348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293348" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38615", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38615" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38615-0d4c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024061922-CVE-2024-38615-0d4c@gregkh/T" } ], "release_date": "2024-06-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: cpufreq: exit() callback is optional" }, { "cve": "CVE-2024-38627", "cwe": { "id": "CWE-415", "name": "Double Free" }, "discovery_date": "2024-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2293700" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: stm class: Fix a double free in stm_register_device()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38627" }, { "category": "external", "summary": "RHBZ#2293700", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293700" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38627", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38627" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38627", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38627" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024062140-CVE-2024-38627-9b57@gregkh/T" } ], "release_date": "2024-06-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: stm class: Fix a double free in stm_register_device()" }, { "cve": "CVE-2024-39276", "cwe": { "id": "CWE-402", "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)" }, "discovery_date": "2024-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2294274" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix mb_cache_entry\u0027s e_refcnt leak in ext4_xattr_block_cache_find()\n\nSyzbot reports a warning as follows:\n\n============================================\nWARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290\nModules linked in:\nCPU: 0 PID: 5075 Comm: syz-executor199 Not tainted 6.9.0-rc6-gb947cc5bf6d7\nRIP: 0010:mb_cache_destroy+0x224/0x290 fs/mbcache.c:419\nCall Trace:\n \u003cTASK\u003e\n ext4_put_super+0x6d4/0xcd0 fs/ext4/super.c:1375\n generic_shutdown_super+0x136/0x2d0 fs/super.c:641\n kill_block_super+0x44/0x90 fs/super.c:1675\n ext4_kill_sb+0x68/0xa0 fs/ext4/super.c:7327\n[...]\n============================================\n\nThis is because when finding an entry in ext4_xattr_block_cache_find(), if\next4_sb_bread() returns -ENOMEM, the ce\u0027s e_refcnt, which has already grown\nin the __entry_find(), won\u0027t be put away, and eventually trigger the above\nissue in mb_cache_destroy() due to reference count leakage.\n\nSo call mb_cache_entry_put() on the -ENOMEM error branch as a quick fix.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ext4: fix mb_cache_entry\u0026#39;s e_refcnt leak in ext4_xattr_block_cache_find()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39276" }, { "category": "external", "summary": "RHBZ#2294274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39276", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39276" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39276", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39276" } ], "release_date": "2024-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ext4: fix mb_cache_entry\u0026#39;s e_refcnt leak in ext4_xattr_block_cache_find()" }, { "cve": "CVE-2024-39472", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2024-07-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2296067" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix log recovery buffer allocation for the legacy h_size fixup\n\nCommit a70f9fe52daa (\"xfs: detect and handle invalid iclog size set by\nmkfs\") added a fixup for incorrect h_size values used for the initial\numount record in old xfsprogs versions. Later commit 0c771b99d6c9\n(\"xfs: clean up calculation of LR header blocks\") cleaned up the log\nreover buffer calculation, but stoped using the fixed up h_size value\nto size the log recovery buffer, which can lead to an out of bounds\naccess when the incorrect h_size does not come from the old mkfs\ntool, but a fuzzer.\n\nFix this by open coding xlog_logrec_hblks and taking the fixed h_size\ninto account for this calculation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39472" }, { "category": "external", "summary": "RHBZ#2296067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296067" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39472", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39472" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39472", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39472" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024070512-CVE-2024-39472-f977@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024070512-CVE-2024-39472-f977@gregkh/T" } ], "release_date": "2024-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup" }, { "cve": "CVE-2024-39476", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "discovery_date": "2024-07-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2295914" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING\n\nXiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with\nsmall possibility, the root cause is exactly the same as commit\nbed9e27baf52 (\"Revert \"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\"\")\n\nHowever, Dan reported another hang after that, and junxiao investigated\nthe problem and found out that this is caused by plugged bio can\u0027t issue\nfrom raid5d().\n\nCurrent implementation in raid5d() has a weird dependence:\n\n1) md_check_recovery() from raid5d() must hold \u0027reconfig_mutex\u0027 to clear\n MD_SB_CHANGE_PENDING;\n2) raid5d() handles IO in a deadloop, until all IO are issued;\n3) IO from raid5d() must wait for MD_SB_CHANGE_PENDING to be cleared;\n\nThis behaviour is introduce before v2.6, and for consequence, if other\ncontext hold \u0027reconfig_mutex\u0027, and md_check_recovery() can\u0027t update\nsuper_block, then raid5d() will waste one cpu 100% by the deadloop, until\n\u0027reconfig_mutex\u0027 is released.\n\nRefer to the implementation from raid1 and raid10, fix this problem by\nskipping issue IO if MD_SB_CHANGE_PENDING is still set after\nmd_check_recovery(), daemon thread will be woken up when \u0027reconfig_mutex\u0027\nis released. Meanwhile, the hang problem will be fixed as well.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39476" }, { "category": "external", "summary": "RHBZ#2295914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39476", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39476" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39476", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39476" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024070518-CVE-2024-39476-aa2d@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024070518-CVE-2024-39476-aa2d@gregkh/T" } ], "release_date": "2024-07-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING" }, { "cve": "CVE-2024-39487", "discovery_date": "2024-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2297056" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()\n\nIn function bond_option_arp_ip_targets_set(), if newval-\u003estring is an\nempty string, newval-\u003estring+1 will point to the byte after the\nstring, causing an out-of-bound read.\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418\nRead of size 1 at addr ffff8881119c4781 by task syz-executor665/8107\nCPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0xc1/0x5e0 mm/kasan/report.c:475\n kasan_report+0xbe/0xf0 mm/kasan/report.c:588\n strlen+0x7d/0xa0 lib/string.c:418\n __fortify_strlen include/linux/fortify-string.h:210 [inline]\n in4_pton+0xa3/0x3f0 net/core/utils.c:130\n bond_option_arp_ip_targets_set+0xc2/0x910\ndrivers/net/bonding/bond_options.c:1201\n __bond_opt_set+0x2a4/0x1030 drivers/net/bonding/bond_options.c:767\n __bond_opt_set_notify+0x48/0x150 drivers/net/bonding/bond_options.c:792\n bond_opt_tryset_rtnl+0xda/0x160 drivers/net/bonding/bond_options.c:817\n bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156\n dev_attr_store+0x54/0x80 drivers/base/core.c:2366\n sysfs_kf_write+0x114/0x170 fs/sysfs/file.c:136\n kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x96a/0xd80 fs/read_write.c:584\n ksys_write+0x122/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n---[ end trace ]---\n\nFix it by adding a check of string length before using it.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39487" }, { "category": "external", "summary": "RHBZ#2297056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297056" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39487", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39487" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39487", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39487" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024070912-CVE-2024-39487-f52c@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024070912-CVE-2024-39487-f52c@gregkh/T" } ], "release_date": "2024-07-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()" }, { "cve": "CVE-2024-39502", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2297474" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nionic: fix use after netif_napi_del()\n\nWhen queues are started, netif_napi_add() and napi_enable() are called.\nIf there are 4 queues and only 3 queues are used for the current\nconfiguration, only 3 queues\u0027 napi should be registered and enabled.\nThe ionic_qcq_enable() checks whether the .poll pointer is not NULL for\nenabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be\nregistered by netif_napi_add(), so the .poll pointer indicates NULL.\nBut it couldn\u0027t distinguish whether the napi was unregistered or not\nbecause netif_napi_del() doesn\u0027t reset the .poll pointer to NULL.\nSo, ionic_qcq_enable() calls napi_enable() for the queue, which was\nunregistered by netif_napi_del().\n\nReproducer:\n ethtool -L \u003cinterface name\u003e rx 1 tx 1 combined 0\n ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 1\n ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 4\n\nSplat looks like:\nkernel BUG at net/core/dev.c:6666!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 1057 Comm: kworker/3:3 Not tainted 6.10.0-rc2+ #16\nWorkqueue: events ionic_lif_deferred_work [ionic]\nRIP: 0010:napi_enable+0x3b/0x40\nCode: 48 89 c2 48 83 e2 f6 80 b9 61 09 00 00 00 74 0d 48 83 bf 60 01 00 00 00 74 03 80 ce 01 f0 4f\nRSP: 0018:ffffb6ed83227d48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff97560cda0828 RCX: 0000000000000029\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff97560cda0a28\nRBP: ffffb6ed83227d50 R08: 0000000000000400 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\nR13: ffff97560ce3c1a0 R14: 0000000000000000 R15: ffff975613ba0a20\nFS: 0000000000000000(0000) GS:ffff975d5f780000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8f734ee200 CR3: 0000000103e50000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? napi_enable+0x3b/0x40\n ? do_error_trap+0x83/0xb0\n ? napi_enable+0x3b/0x40\n ? napi_enable+0x3b/0x40\n ? exc_invalid_op+0x4e/0x70\n ? napi_enable+0x3b/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? napi_enable+0x3b/0x40\n ionic_qcq_enable+0xb7/0x180 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_start_queues+0xc4/0x290 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_link_status_check+0x11c/0x170 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_lif_deferred_work+0x129/0x280 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n process_one_work+0x145/0x360\n worker_thread+0x2bb/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ionic: fix use after netif_napi_del()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39502" }, { "category": "external", "summary": "RHBZ#2297474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39502", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T" } ], "release_date": "2024-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ionic: fix use after netif_napi_del()" }, { "cve": "CVE-2024-40927", "cwe": { "id": "CWE-820", "name": "Missing Synchronization" }, "discovery_date": "2024-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2297511" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Handle TD clearing for multiple streams case\n\nWhen multiple streams are in use, multiple TDs might be in flight when\nan endpoint is stopped. We need to issue a Set TR Dequeue Pointer for\neach, to ensure everything is reset properly and the caches cleared.\nChange the logic so that any N\u003e1 TDs found active for different streams\nare deferred until after the first one is processed, calling\nxhci_invalidate_cancelled_tds() again from xhci_handle_cmd_set_deq() to\nqueue another command until we are done with all of them. Also change\nthe error/\"should never happen\" paths to ensure we at least clear any\naffected TDs, even if we can\u0027t issue a command to clear the hardware\ncache, and complain loudly with an xhci_warn() if this ever happens.\n\nThis problem case dates back to commit e9df17eb1408 (\"USB: xhci: Correct\nassumptions about number of rings per endpoint.\") early on in the XHCI\ndriver\u0027s life, when stream support was first added.\nIt was then identified but not fixed nor made into a warning in commit\n674f8438c121 (\"xhci: split handling halted endpoints into two steps\"),\nwhich added a FIXME comment for the problem case (without materially\nchanging the behavior as far as I can tell, though the new logic made\nthe problem more obvious).\n\nThen later, in commit 94f339147fc3 (\"xhci: Fix failure to give back some\ncached cancelled URBs.\"), it was acknowledged again.\n\n[Mathias: commit 94f339147fc3 (\"xhci: Fix failure to give back some cached\ncancelled URBs.\") was a targeted regression fix to the previously mentioned\npatch. Users reported issues with usb stuck after unmounting/disconnecting\nUAS devices. This rolled back the TD clearing of multiple streams to its\noriginal state.]\n\nApparently the commit author was aware of the problem (yet still chose\nto submit it): It was still mentioned as a FIXME, an xhci_dbg() was\nadded to log the problem condition, and the remaining issue was mentioned\nin the commit description. The choice of making the log type xhci_dbg()\nfor what is, at this point, a completely unhandled and known broken\ncondition is puzzling and unfortunate, as it guarantees that no actual\nusers would see the log in production, thereby making it nigh\nundebuggable (indeed, even if you turn on DEBUG, the message doesn\u0027t\nreally hint at there being a problem at all).\n\nIt took me *months* of random xHC crashes to finally find a reliable\nrepro and be able to do a deep dive debug session, which could all have\nbeen avoided had this unhandled, broken condition been actually reported\nwith a warning, as it should have been as a bug intentionally left in\nunfixed (never mind that it shouldn\u0027t have been left in at all).\n\n\u003e Another fix to solve clearing the caches of all stream rings with\n\u003e cancelled TDs is needed, but not as urgent.\n\n3 years after that statement and 14 years after the original bug was\nintroduced, I think it\u0027s finally time to fix it. And maybe next time\nlet\u0027s not leave bugs unfixed (that are actually worse than the original\nbug), and let\u0027s actually get people to review kernel commits please.\n\nFixes xHC crashes and IOMMU faults with UAS devices when handling\nerrors/faults. Easiest repro is to use `hdparm` to mark an early sector\n(e.g. 1024) on a disk as bad, then `cat /dev/sdX \u003e /dev/null` in a loop.\nAt least in the case of JMicron controllers, the read errors end up\nhaving to cancel two TDs (for two queued requests to different streams)\nand the one that didn\u0027t get cleared properly ends up faulting the xHC\nentirely when it tries to access DMA pages that have since been unmapped,\nreferred to by the stale TDs. This normally happens quickly (after two\nor three loops). After this fix, I left the `cat` in a loop running\novernight and experienced no xHC failures, with all read errors\nrecovered properly. Repro\u0027d and tested on an Apple M1 Mac Mini\n(dwc3 host).\n\nOn systems without an IOMMU, this bug would instead silently corrupt\nfreed memory, making this a\n---truncated---", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xhci: Handle TD clearing for multiple streams case", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-40927" }, { "category": "external", "summary": "RHBZ#2297511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297511" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40927", "url": "https://www.cve.org/CVERecord?id=CVE-2024-40927" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40927", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40927" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024071214-CVE-2024-40927-3dcb@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024071214-CVE-2024-40927-3dcb@gregkh/T" } ], "release_date": "2024-07-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5102" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.src", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64", "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.16.1.rt7.357.el8_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: xhci: Handle TD clearing for multiple streams case" } ] }
Loading...