csaf_redhat - rhsa-2024

rhsa-2024_5256

Vulnerability from csaf_redhat

Published

2024-08-13 00:13

Modified

2024-11-06 06:38

Summary

Red Hat Security Advisory: kernel-rt security update

Notes

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642) * kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (CVE-2024-26808) * kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886) * kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993) * kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823) * kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397) * kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403) * kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898) * kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897) * kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971) * kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502) * kernel: scsi: qedi: Fix crash while reading debugfs attribute (CVE-2024-40978) * kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change (CVE-2021-47624) * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090) * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091) Bug Fix(es): * kernel-rt: update RT source tree to the latest RHEL-9.0.z Batch 19 (JIRA:RHEL-45540) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: netfilter: nf_tables: disallow anonymous set with timeout flag (CVE-2024-26642)\n\n* kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (CVE-2024-26808)\n\n* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)\n\n* kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993)\n\n* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)\n\n* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)\n\n* kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403)\n\n* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)\n\n* kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897)\n\n* kernel: net: CVE-2024-36971 kernel: UAF in network route management (CVE-2024-36971)\n\n* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)\n\n* kernel: scsi: qedi: Fix crash while reading debugfs attribute (CVE-2024-40978)\n\n* kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change (CVE-2021-47624)\n\n* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)\n\n* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-9.0.z Batch 19 (JIRA:RHEL-45540)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:5256",
        "url": "https://access.redhat.com/errata/RHSA-2024:5256"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2270881",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270881"
      },
      {
        "category": "external",
        "summary": "2273405",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273405"
      },
      {
        "category": "external",
        "summary": "2277238",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277238"
      },
      {
        "category": "external",
        "summary": "2278314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278314"
      },
      {
        "category": "external",
        "summary": "2278989",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278989"
      },
      {
        "category": "external",
        "summary": "2280434",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280434"
      },
      {
        "category": "external",
        "summary": "2281127",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281127"
      },
      {
        "category": "external",
        "summary": "2281669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281669"
      },
      {
        "category": "external",
        "summary": "2281672",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281672"
      },
      {
        "category": "external",
        "summary": "2292331",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331"
      },
      {
        "category": "external",
        "summary": "2297474",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474"
      },
      {
        "category": "external",
        "summary": "2297562",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297562"
      },
      {
        "category": "external",
        "summary": "2298108",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298108"
      },
      {
        "category": "external",
        "summary": "2299240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299240"
      },
      {
        "category": "external",
        "summary": "2299336",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299336"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5256.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2024-11-06T06:38:00+00:00",
      "generator": {
        "date": "2024-11-06T06:38:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2024:5256",
      "initial_release_date": "2024-08-13T00:13:06+00:00",
      "revision_history": [
        {
          "date": "2024-08-13T00:13:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-08-13T00:13:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-06T06:38:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
                "product": {
                  "name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
                  "product_id": "NFV-9.0.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
                "product": {
                  "name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
                  "product_id": "RT-9.0.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
                "product": {
                  "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
                  "product_id": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.112.1.rt21.184.el9_0?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.112.1.rt21.184.el9_0?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-47624",
      "cwe": {
        "id": "CWE-402",
        "name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
      },
      "discovery_date": "2024-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298108"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the Linux kernel\u2019s SunRpc filesystem (sysfs). This flaw allows a local user to crash the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-47624"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298108",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298108"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47624",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-47624"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47624",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47624"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071646-CVE-2021-47624-86cd@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071646-CVE-2021-47624-86cd@gregkh/T"
        }
      ],
      "release_date": "2024-07-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent module sunrpc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change"
    },
    {
      "cve": "CVE-2024-21823",
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278989"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-21823"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278989",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278989"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21823",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21823",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21823"
        }
      ],
      "release_date": "2024-05-14T17:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application"
    },
    {
      "cve": "CVE-2024-26642",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "discovery_date": "2024-03-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2270881"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: nf_tables: disallow anonymous set with timeout flag",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26642"
        },
        {
          "category": "external",
          "summary": "RHBZ#2270881",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270881"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26642",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26642",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26642"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26642-3549@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024032150-CVE-2024-26642-3549@gregkh/T"
        }
      ],
      "release_date": "2024-03-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "kernel: netfilter: nf_tables: disallow anonymous set with timeout flag"
    },
    {
      "cve": "CVE-2024-26808",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2024-04-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273405"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Linux kernel\u0027s netfilter subsystem, related to the nft_chain_filter feature. This issue occurs when a NETDEV_UNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale reference could result in lingering issues with network device handling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability has been fixed by ensuring that network devices are correctly removed from the basechain when these events occur. It affects multiple Linux kernel versions and is rated as a medium-severity issue with a CVSS v3 base score of 5.5, indicating it could lead to a denial of service under certain conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26808"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273405",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273405"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26808",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26808",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26808"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024040458-CVE-2024-26808-2df2@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024040458-CVE-2024-26808-2df2@gregkh/T"
        }
      ],
      "release_date": "2024-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain"
    },
    {
      "cve": "CVE-2024-26993",
      "discovery_date": "2024-05-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278314"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path.  If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called).  As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-26993"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278314",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278314"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26993",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26993"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26993",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26993"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024050144-CVE-2024-26993-fe52@gregkh/T"
        }
      ],
      "release_date": "2024-05-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection()"
    },
    {
      "cve": "CVE-2024-27397",
      "discovery_date": "2024-05-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2280434"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free flaw was found in the Linux kernel\u2019s netfilter subsystem in how a user triggers the element timeout. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: nf_tables: use timestamp to check for set element timeout",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability impact level between Moderate and High, and chosen Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-27397"
        },
        {
          "category": "external",
          "summary": "RHBZ#2280434",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280434"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27397",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-27397"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27397",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27397"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024050837-CVE-2024-27397-fd1e@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024050837-CVE-2024-27397-fd1e@gregkh/T"
        }
      ],
      "release_date": "2024-05-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        },
        {
          "category": "workaround",
          "details": "In order to trigger the issue, it requires the ability to create user/net namespaces.\n\nOn non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: netfilter: nf_tables: use timestamp to check for set element timeout"
    },
    {
      "cve": "CVE-2024-27403",
      "discovery_date": "2024-05-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2281127"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_flow_offload: reset dst in route object after setting up flow\n\ndst is transferred to the flow object, route object does not own it\nanymore.  Reset dst in route object, otherwise if flow_offload_add()\nfails, error path releases dst twice, leading to a refcount underflow.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-27403"
        },
        {
          "category": "external",
          "summary": "RHBZ#2281127",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281127"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-27403",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-27403"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27403",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27403"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-27403-c4ba@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-27403-c4ba@gregkh/T"
        }
      ],
      "release_date": "2024-05-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow"
    },
    {
      "cve": "CVE-2024-35897",
      "discovery_date": "2024-05-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2281672"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-35897"
        },
        {
          "category": "external",
          "summary": "RHBZ#2281672",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281672"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35897",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35897"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35897",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35897"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T"
        }
      ],
      "release_date": "2024-05-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion"
    },
    {
      "cve": "CVE-2024-35898",
      "discovery_date": "2024-05-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2281669"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-35898"
        },
        {
          "category": "external",
          "summary": "RHBZ#2281669",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281669"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-35898",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-35898",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35898"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35898-a10e@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35898-a10e@gregkh/T"
        }
      ],
      "release_date": "2024-05-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()"
    },
    {
      "cve": "CVE-2024-36886",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2024-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2277238"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free (UAF) flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipc_buf_append() function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on \"struct sk_buff\", which may lead to remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: TIPC message reassembly use-after-free remote code execution vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "While the TIPC module is not loaded by default, this flaw might be used as one in a series of attacks. For that reason, and because of the possibility of remote code execution on systems where this module has been loaded, Red Hat assesses the impact of this flaw as Important.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-36886"
        },
        {
          "category": "external",
          "summary": "RHBZ#2277238",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277238"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36886",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36886",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36886"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/",
          "url": "https://lore.kernel.org/all/752f1ccf762223d109845365d07f55414058e5a3.1714484273.git.pabeni@redhat.com/"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u",
          "url": "https://lore.kernel.org/linux-cve-announce/2024053033-CVE-2024-36886-dd83@gregkh/T/#u"
        }
      ],
      "release_date": "2024-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        },
        {
          "category": "workaround",
          "details": "The TIPC module is not automatically loaded in default configurations. When required, administrative privileges are required to explicitly load this module.\nTo determine if the TIPC module is loaded, use the following command:\n# grep tipc /proc/modules\nLook for output similar to the following:\ntipc 479232 0 - Live 0xffffffffc1ba5000\nip6_udp_tunnel 16384 1 tipc, Live 0xffffffffc1b9b000\nudp_tunnel 32768 1 tipc, Live 0xffffffffc1b8b000\n\nLoading the module can be prevented with the following instructions:\n# echo \"install tipc /bin/true\" \u003e\u003e /etc/modprobe.d/disable-tipc.conf\nThe system will need to be restarted if the module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: TIPC message reassembly use-after-free remote code execution vulnerability"
    },
    {
      "cve": "CVE-2024-36971",
      "discovery_date": "2024-06-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292331"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s network route management. This flaw allows an attacker to alter the behavior of certain network connections.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: net: kernel: UAF in network route management",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971. Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them. This problem stems from modules which use the `negative_advice()` function.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-36971"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292331",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292331"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36971",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36971"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T",
          "url": "https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2024-06-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2024-08-07T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: net: kernel: UAF in network route management"
    },
    {
      "cve": "CVE-2024-39502",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2024-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297474"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nionic: fix use after netif_napi_del()\n\nWhen queues are started, netif_napi_add() and napi_enable() are called.\nIf there are 4 queues and only 3 queues are used for the current\nconfiguration, only 3 queues\u0027 napi should be registered and enabled.\nThe ionic_qcq_enable() checks whether the .poll pointer is not NULL for\nenabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be\nregistered by netif_napi_add(), so the .poll pointer indicates NULL.\nBut it couldn\u0027t distinguish whether the napi was unregistered or not\nbecause netif_napi_del() doesn\u0027t reset the .poll pointer to NULL.\nSo, ionic_qcq_enable() calls napi_enable() for the queue, which was\nunregistered by netif_napi_del().\n\nReproducer:\n   ethtool -L \u003cinterface name\u003e rx 1 tx 1 combined 0\n   ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 1\n   ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 4\n\nSplat looks like:\nkernel BUG at net/core/dev.c:6666!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 1057 Comm: kworker/3:3 Not tainted 6.10.0-rc2+ #16\nWorkqueue: events ionic_lif_deferred_work [ionic]\nRIP: 0010:napi_enable+0x3b/0x40\nCode: 48 89 c2 48 83 e2 f6 80 b9 61 09 00 00 00 74 0d 48 83 bf 60 01 00 00 00 74 03 80 ce 01 f0 4f\nRSP: 0018:ffffb6ed83227d48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff97560cda0828 RCX: 0000000000000029\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff97560cda0a28\nRBP: ffffb6ed83227d50 R08: 0000000000000400 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\nR13: ffff97560ce3c1a0 R14: 0000000000000000 R15: ffff975613ba0a20\nFS:  0000000000000000(0000) GS:ffff975d5f780000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8f734ee200 CR3: 0000000103e50000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? napi_enable+0x3b/0x40\n ? do_error_trap+0x83/0xb0\n ? napi_enable+0x3b/0x40\n ? napi_enable+0x3b/0x40\n ? exc_invalid_op+0x4e/0x70\n ? napi_enable+0x3b/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? napi_enable+0x3b/0x40\n ionic_qcq_enable+0xb7/0x180 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_start_queues+0xc4/0x290 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_link_status_check+0x11c/0x170 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_lif_deferred_work+0x129/0x280 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n process_one_work+0x145/0x360\n worker_thread+0x2bb/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ionic: fix use after netif_napi_del()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-39502"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297474",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297474"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39502",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-39502"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39502"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071204-CVE-2024-39502-afe9@gregkh/T"
        }
      ],
      "release_date": "2024-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ionic: fix use after netif_napi_del()"
    },
    {
      "cve": "CVE-2024-40978",
      "cwe": {
        "id": "CWE-822",
        "name": "Untrusted Pointer Dereference"
      },
      "discovery_date": "2024-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297562"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedi: Fix crash while reading debugfs attribute\n\nThe qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly\non a __user pointer, which results into the crash.\n\nTo fix this issue, use a small local stack buffer for sprintf() and then\ncall simple_read_from_buffer(), which in turns make the copy_to_user()\ncall.\n\nBUG: unable to handle page fault for address: 00007f4801111000\nPGD 8000000864df6067 P4D 8000000864df6067 PUD 864df7067 PMD 846028067 PTE 0\nOops: 0002 [#1] PREEMPT SMP PTI\nHardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 06/15/2023\nRIP: 0010:memcpy_orig+0xcd/0x130\nRSP: 0018:ffffb7a18c3ffc40 EFLAGS: 00010202\nRAX: 00007f4801111000 RBX: 00007f4801111000 RCX: 000000000000000f\nRDX: 000000000000000f RSI: ffffffffc0bfd7a0 RDI: 00007f4801111000\nRBP: ffffffffc0bfd7a0 R08: 725f746f6e5f6f64 R09: 3d7265766f636572\nR10: ffffb7a18c3ffd08 R11: 0000000000000000 R12: 00007f4881110fff\nR13: 000000007fffffff R14: ffffb7a18c3ffca0 R15: ffffffffc0bfd7af\nFS:  00007f480118a740(0000) GS:ffff98e38af00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f4801111000 CR3: 0000000864b8e001 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? page_fault_oops+0x183/0x510\n ? exc_page_fault+0x69/0x150\n ? asm_exc_page_fault+0x22/0x30\n ? memcpy_orig+0xcd/0x130\n vsnprintf+0x102/0x4c0\n sprintf+0x51/0x80\n qedi_dbg_do_not_recover_cmd_read+0x2f/0x50 [qedi 6bcfdeeecdea037da47069eca2ba717c84a77324]\n full_proxy_read+0x50/0x80\n vfs_read+0xa5/0x2e0\n ? folio_add_new_anon_rmap+0x44/0xa0\n ? set_pte_at+0x15/0x30\n ? do_pte_missing+0x426/0x7f0\n ksys_read+0xa5/0xe0\n do_syscall_64+0x58/0x80\n ? __count_memcg_events+0x46/0x90\n ? count_memcg_event_mm+0x3d/0x60\n ? handle_mm_fault+0x196/0x2f0\n ? do_user_addr_fault+0x267/0x890\n ? exc_page_fault+0x69/0x150\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7f4800f20b4d",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: scsi: qedi: Fix crash while reading debugfs attribute",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-40978"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297562",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297562"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40978",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-40978"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40978",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40978"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071231-CVE-2024-40978-d135@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071231-CVE-2024-40978-d135@gregkh/T"
        }
      ],
      "release_date": "2024-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "kernel: scsi: qedi: Fix crash while reading debugfs attribute"
    },
    {
      "cve": "CVE-2024-41090",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-07-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2299240"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size \u003c ETH_HLEN. The packet may traverse through vhost-net, macvtap, and vlan without any validation or drop. When this packet is presented to the mlx5 driver on the host side, the kernel panic happens since mlx5_core assumes the frame size is always \u003e= ETH_HLEN.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: virtio-net: tap: mlx5_core short frame denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-41090"
        },
        {
          "category": "external",
          "summary": "RHBZ#2299240",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299240"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41090",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41090",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41090"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024072916-CVE-2024-41090-9830@gregkh",
          "url": "https://lore.kernel.org/linux-cve-announce/2024072916-CVE-2024-41090-9830@gregkh"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/07/24/4",
          "url": "https://www.openwall.com/lists/oss-security/2024/07/24/4"
        }
      ],
      "release_date": "2024-07-24T17:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: virtio-net: tap: mlx5_core short frame denial of service"
    },
    {
      "cve": "CVE-2024-41091",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-07-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2299336"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size \u003c ETH_HLEN. The packet may traverse through vhost-net, macvtap, and vlan without any validation or drop. When this packet is presented to the mlx5 driver on the host side, the kernel panic happens since mlx5_core assumes the frame size is always \u003e= ETH_HLEN.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: virtio-net: tun: mlx5_core short frame denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-41091"
        },
        {
          "category": "external",
          "summary": "RHBZ#2299336",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299336"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41091",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41091",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41091"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024072918-CVE-2024-41091-35b7@gregkh",
          "url": "https://lore.kernel.org/linux-cve-announce/2024072918-CVE-2024-41091-35b7@gregkh"
        },
        {
          "category": "external",
          "summary": "https://www.openwall.com/lists/oss-security/2024/07/24/4",
          "url": "https://www.openwall.com/lists/oss-security/2024/07/24/4"
        }
      ],
      "release_date": "2024-07-24T17:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-13T00:13:06+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5256"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.112.1.rt21.184.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: virtio-net: tun: mlx5_core short frame denial of service"
    }
  ]
}

cve-2024-40978

Vulnerability from cvelistv5

Published

2024-07-12 12:32

Modified

2024-11-05 09:34

Severity ?

Summary

scsi: qedi: Fix crash while reading debugfs attribute

References

▼	URL	Tags
	https://git.kernel.org/stable/c/56bec63a7fc87ad50b3373a87517dc9770eef9e0
	https://git.kernel.org/stable/c/21c963de2e86e88f6a8ca556bcebb8e62ab8e901
	https://git.kernel.org/stable/c/144d76a676b630e321556965011b00e2de0b40a7
	https://git.kernel.org/stable/c/397a8990c377ee4b61d6df768e61dff9e316d46b
	https://git.kernel.org/stable/c/eaddb86637669f6bad89245ee63f8fb2bfb50241
	https://git.kernel.org/stable/c/fa85b016a56b9775a3fe41e5d26e666945963b46
	https://git.kernel.org/stable/c/e2f433ea7d0ff77998766a088a287337fb43ad75
	https://git.kernel.org/stable/c/28027ec8e32ecbadcd67623edb290dad61e735b5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:39:56.066Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56bec63a7fc87ad50b3373a87517dc9770eef9e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/21c963de2e86e88f6a8ca556bcebb8e62ab8e901"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/144d76a676b630e321556965011b00e2de0b40a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/397a8990c377ee4b61d6df768e61dff9e316d46b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eaddb86637669f6bad89245ee63f8fb2bfb50241"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fa85b016a56b9775a3fe41e5d26e666945963b46"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2f433ea7d0ff77998766a088a287337fb43ad75"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/28027ec8e32ecbadcd67623edb290dad61e735b5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40978",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:02:30.760177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:21.743Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qedi/qedi_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "56bec63a7fc8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "21c963de2e86",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "144d76a676b6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "397a8990c377",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "eaddb8663766",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fa85b016a56b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e2f433ea7d0f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "28027ec8e32e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qedi/qedi_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.317",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.279",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.96",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.36",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedi: Fix crash while reading debugfs attribute\n\nThe qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly\non a __user pointer, which results into the crash.\n\nTo fix this issue, use a small local stack buffer for sprintf() and then\ncall simple_read_from_buffer(), which in turns make the copy_to_user()\ncall.\n\nBUG: unable to handle page fault for address: 00007f4801111000\nPGD 8000000864df6067 P4D 8000000864df6067 PUD 864df7067 PMD 846028067 PTE 0\nOops: 0002 [#1] PREEMPT SMP PTI\nHardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 06/15/2023\nRIP: 0010:memcpy_orig+0xcd/0x130\nRSP: 0018:ffffb7a18c3ffc40 EFLAGS: 00010202\nRAX: 00007f4801111000 RBX: 00007f4801111000 RCX: 000000000000000f\nRDX: 000000000000000f RSI: ffffffffc0bfd7a0 RDI: 00007f4801111000\nRBP: ffffffffc0bfd7a0 R08: 725f746f6e5f6f64 R09: 3d7265766f636572\nR10: ffffb7a18c3ffd08 R11: 0000000000000000 R12: 00007f4881110fff\nR13: 000000007fffffff R14: ffffb7a18c3ffca0 R15: ffffffffc0bfd7af\nFS:  00007f480118a740(0000) GS:ffff98e38af00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f4801111000 CR3: 0000000864b8e001 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? page_fault_oops+0x183/0x510\n ? exc_page_fault+0x69/0x150\n ? asm_exc_page_fault+0x22/0x30\n ? memcpy_orig+0xcd/0x130\n vsnprintf+0x102/0x4c0\n sprintf+0x51/0x80\n qedi_dbg_do_not_recover_cmd_read+0x2f/0x50 [qedi 6bcfdeeecdea037da47069eca2ba717c84a77324]\n full_proxy_read+0x50/0x80\n vfs_read+0xa5/0x2e0\n ? folio_add_new_anon_rmap+0x44/0xa0\n ? set_pte_at+0x15/0x30\n ? do_pte_missing+0x426/0x7f0\n ksys_read+0xa5/0xe0\n do_syscall_64+0x58/0x80\n ? __count_memcg_events+0x46/0x90\n ? count_memcg_event_mm+0x3d/0x60\n ? handle_mm_fault+0x196/0x2f0\n ? do_user_addr_fault+0x267/0x890\n ? exc_page_fault+0x69/0x150\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7f4800f20b4d"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:34:22.165Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/56bec63a7fc87ad50b3373a87517dc9770eef9e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/21c963de2e86e88f6a8ca556bcebb8e62ab8e901"
        },
        {
          "url": "https://git.kernel.org/stable/c/144d76a676b630e321556965011b00e2de0b40a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/397a8990c377ee4b61d6df768e61dff9e316d46b"
        },
        {
          "url": "https://git.kernel.org/stable/c/eaddb86637669f6bad89245ee63f8fb2bfb50241"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa85b016a56b9775a3fe41e5d26e666945963b46"
        },
        {
          "url": "https://git.kernel.org/stable/c/e2f433ea7d0ff77998766a088a287337fb43ad75"
        },
        {
          "url": "https://git.kernel.org/stable/c/28027ec8e32ecbadcd67623edb290dad61e735b5"
        }
      ],
      "title": "scsi: qedi: Fix crash while reading debugfs attribute",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-40978",
    "datePublished": "2024-07-12T12:32:14.149Z",
    "dateReserved": "2024-07-12T12:17:45.604Z",
    "dateUpdated": "2024-11-05T09:34:22.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-26642

Vulnerability from cvelistv5

Published

2024-03-21 10:43

Modified

2024-11-05 09:13

Severity ?

Summary

netfilter: nf_tables: disallow anonymous set with timeout flag

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9
	https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f
	https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351
	https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199
	https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a
	https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12
	https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7
	https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26642",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-03T17:43:46.916001Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:25.164Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:07:19.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e4988d8415bd",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "e9a0d3f376eb",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "fe40ffbca19d",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "7cdc1be24cc1",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "72c1efe3f247",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "c0c2176d1814",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "8e07c1669558",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            },
            {
              "lessThan": "16603605b667",
              "status": "affected",
              "version": "761da2935d6e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.1"
            },
            {
              "lessThan": "4.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.312",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.154",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.84",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:13:04.965Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351"
        },
        {
          "url": "https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199"
        },
        {
          "url": "https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7"
        },
        {
          "url": "https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1"
        }
      ],
      "title": "netfilter: nf_tables: disallow anonymous set with timeout flag",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26642",
    "datePublished": "2024-03-21T10:43:43.495Z",
    "dateReserved": "2024-02-19T14:20:24.137Z",
    "dateUpdated": "2024-11-05T09:13:04.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-26993

Vulnerability from cvelistv5

Published

2024-05-01 05:28

Modified

2024-11-05 09:19

Severity ?

Summary

fs: sysfs: Fix reference leak in sysfs_break_active_protection()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5
	https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063
	https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17
	https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c
	https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b
	https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957
	https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4
	https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26993",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-01T13:37:12.333218Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:22:44.436Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.900Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/sysfs/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f28bba37fe24",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "57baab0f376b",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "84bd4c2ae9c3",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "43f00210cb25",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "5d43e072285e",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "ac107356aabc",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "a4c99b57d43b",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            },
            {
              "lessThan": "a90bca2228c0",
              "status": "affected",
              "version": "2afc9166f79b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/sysfs/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.313",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.275",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.216",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.157",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.88",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.29",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path.  If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called).  As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:19:33.795Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f28bba37fe244889b81bb5c508d3f6e5c6e342c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/57baab0f376bec8f54b0fe6beb8f77a57c228063"
        },
        {
          "url": "https://git.kernel.org/stable/c/84bd4c2ae9c3d0a7d3a5c032ea7efff17af17e17"
        },
        {
          "url": "https://git.kernel.org/stable/c/43f00210cb257bcb0387e8caeb4b46375d67f30c"
        },
        {
          "url": "https://git.kernel.org/stable/c/5d43e072285e81b0b63cee7189b3357c7768a43b"
        },
        {
          "url": "https://git.kernel.org/stable/c/ac107356aabc362aaeb77463e814fc067a5d3957"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4c99b57d43bab45225ba92d574a8683f9edc8e4"
        },
        {
          "url": "https://git.kernel.org/stable/c/a90bca2228c0646fc29a72689d308e5fe03e6d78"
        }
      ],
      "title": "fs: sysfs: Fix reference leak in sysfs_break_active_protection()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26993",
    "datePublished": "2024-05-01T05:28:02.462Z",
    "dateReserved": "2024-02-19T14:20:24.206Z",
    "dateUpdated": "2024-11-05T09:19:33.795Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-35898

Vulnerability from cvelistv5

Published

2024-05-19 08:34

Modified

2024-11-05 09:24

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007
	https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77
	https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331
	https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8
	https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b
	https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df
	https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859
	https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-35898",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T18:29:13.616197Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T19:40:06.574Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:48.658Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "69d1fe14a680",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "a347bc8e6251",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "940d41caa71f",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "2485bcfe05ee",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "9b5b7708ec2b",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "8b891153b2e4",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "e684b1674fd1",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            },
            {
              "lessThan": "24225011d81b",
              "status": "affected",
              "version": "3b49e2e94e6e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "lessThan": "4.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.312",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.154",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.85",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.26",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:24:40.836Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007"
        },
        {
          "url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77"
        },
        {
          "url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331"
        },
        {
          "url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df"
        },
        {
          "url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859"
        },
        {
          "url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304"
        }
      ],
      "title": "netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35898",
    "datePublished": "2024-05-19T08:34:52.519Z",
    "dateReserved": "2024-05-17T13:50:33.114Z",
    "dateUpdated": "2024-11-05T09:24:40.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-27397

Vulnerability from cvelistv5

Published

2024-05-09 16:37

Modified

2024-11-05 09:21

Severity ?

Summary

netfilter: nf_tables: use timestamp to check for set element timeout

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f8dfda798650241c1692058713ca4fef8e429061
	https://git.kernel.org/stable/c/eaf1a29ea5d7dba8e84e9e9f3b3f47d0cd540bfe
	https://git.kernel.org/stable/c/7b17de2a71e56c10335b565cc7ad238e6d984379
	https://git.kernel.org/stable/c/0d40e8cb1d1f56a994cdd2e015af622fdca9ed4d
	https://git.kernel.org/stable/c/b45176b869673417ace338b87cf9cdb66e2eeb01
	https://git.kernel.org/stable/c/383182db8d58c4237772ba0764cded4938a235c3
	https://git.kernel.org/stable/c/7395dfacfff65e9938ac0889dafa1ab01e987d15

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27397",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:39:42.529200Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:44:15.867Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:34:52.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b45176b869673417ace338b87cf9cdb66e2eeb01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/383182db8d58c4237772ba0764cded4938a235c3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7395dfacfff65e9938ac0889dafa1ab01e987d15"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_tables.h",
            "net/netfilter/nf_tables_api.c",
            "net/netfilter/nft_set_hash.c",
            "net/netfilter/nft_set_pipapo.c",
            "net/netfilter/nft_set_rbtree.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f8dfda798650",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            },
            {
              "lessThan": "eaf1a29ea5d7",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            },
            {
              "lessThan": "7b17de2a71e5",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            },
            {
              "lessThan": "0d40e8cb1d1f",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            },
            {
              "lessThan": "b45176b86967",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            },
            {
              "lessThan": "383182db8d58",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            },
            {
              "lessThan": "7395dfacfff6",
              "status": "affected",
              "version": "c3e1b005ed1c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_tables.h",
            "net/netfilter/nf_tables_api.c",
            "net/netfilter/nft_set_hash.c",
            "net/netfilter/nft_set_pipapo.c",
            "net/netfilter/nft_set_rbtree.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.1"
            },
            {
              "lessThan": "4.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.320",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.282",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.224",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.165",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.97",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: use timestamp to check for set element timeout\n\nAdd a timestamp field at the beginning of the transaction, store it\nin the nftables per-netns area.\n\nUpdate set backend .insert, .deactivate and sync gc path to use the\ntimestamp, this avoids that an element expires while control plane\ntransaction is still unfinished.\n\n.lookup and .update, which are used from packet path, still use the\ncurrent time to check if the element has expired. And .get path and dump\nalso since this runs lockless under rcu read size lock. Then, there is\nasync gc which also needs to check the current time since it runs\nasynchronously from a workqueue."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:21:27.953Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f8dfda798650241c1692058713ca4fef8e429061"
        },
        {
          "url": "https://git.kernel.org/stable/c/eaf1a29ea5d7dba8e84e9e9f3b3f47d0cd540bfe"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b17de2a71e56c10335b565cc7ad238e6d984379"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d40e8cb1d1f56a994cdd2e015af622fdca9ed4d"
        },
        {
          "url": "https://git.kernel.org/stable/c/b45176b869673417ace338b87cf9cdb66e2eeb01"
        },
        {
          "url": "https://git.kernel.org/stable/c/383182db8d58c4237772ba0764cded4938a235c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/7395dfacfff65e9938ac0889dafa1ab01e987d15"
        }
      ],
      "title": "netfilter: nf_tables: use timestamp to check for set element timeout",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27397",
    "datePublished": "2024-05-09T16:37:22.463Z",
    "dateReserved": "2024-02-25T13:47:42.677Z",
    "dateUpdated": "2024-11-05T09:21:27.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-39502

Vulnerability from cvelistv5

Published

2024-07-12 12:20

Modified

2024-11-05 09:32

Severity ?

Summary

ionic: fix use after netif_napi_del()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0d19267cb150e8f76ade210e16ee820a77f684e7
	https://git.kernel.org/stable/c/ff9c2a9426ecf5b9631e9fd74993b357262387d6
	https://git.kernel.org/stable/c/8edd18dab443863e9e48f084e7f123fca3065e4e
	https://git.kernel.org/stable/c/60cd714871cd5a683353a355cbb17a685245cf84
	https://git.kernel.org/stable/c/183ebc167a8a19e916b885d4bb61a3491991bfa5
	https://git.kernel.org/stable/c/a87d72b37b9ec2c1e18fe36b09241d8b30334a2e
	https://git.kernel.org/stable/c/79f18a41dd056115d685f3b0a419c7cd40055e13

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:26:15.603Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d19267cb150e8f76ade210e16ee820a77f684e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff9c2a9426ecf5b9631e9fd74993b357262387d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8edd18dab443863e9e48f084e7f123fca3065e4e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/60cd714871cd5a683353a355cbb17a685245cf84"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/183ebc167a8a19e916b885d4bb61a3491991bfa5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a87d72b37b9ec2c1e18fe36b09241d8b30334a2e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79f18a41dd056115d685f3b0a419c7cd40055e13"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39502",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:07:07.252622Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:40.350Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/pensando/ionic/ionic_lif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0d19267cb150",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            },
            {
              "lessThan": "ff9c2a9426ec",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            },
            {
              "lessThan": "8edd18dab443",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            },
            {
              "lessThan": "60cd714871cd",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            },
            {
              "lessThan": "183ebc167a8a",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            },
            {
              "lessThan": "a87d72b37b9e",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            },
            {
              "lessThan": "79f18a41dd05",
              "status": "affected",
              "version": "0f3154e6bcb3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/pensando/ionic/ionic_lif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.279",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nionic: fix use after netif_napi_del()\n\nWhen queues are started, netif_napi_add() and napi_enable() are called.\nIf there are 4 queues and only 3 queues are used for the current\nconfiguration, only 3 queues\u0027 napi should be registered and enabled.\nThe ionic_qcq_enable() checks whether the .poll pointer is not NULL for\nenabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be\nregistered by netif_napi_add(), so the .poll pointer indicates NULL.\nBut it couldn\u0027t distinguish whether the napi was unregistered or not\nbecause netif_napi_del() doesn\u0027t reset the .poll pointer to NULL.\nSo, ionic_qcq_enable() calls napi_enable() for the queue, which was\nunregistered by netif_napi_del().\n\nReproducer:\n   ethtool -L \u003cinterface name\u003e rx 1 tx 1 combined 0\n   ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 1\n   ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 4\n\nSplat looks like:\nkernel BUG at net/core/dev.c:6666!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 1057 Comm: kworker/3:3 Not tainted 6.10.0-rc2+ #16\nWorkqueue: events ionic_lif_deferred_work [ionic]\nRIP: 0010:napi_enable+0x3b/0x40\nCode: 48 89 c2 48 83 e2 f6 80 b9 61 09 00 00 00 74 0d 48 83 bf 60 01 00 00 00 74 03 80 ce 01 f0 4f\nRSP: 0018:ffffb6ed83227d48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff97560cda0828 RCX: 0000000000000029\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff97560cda0a28\nRBP: ffffb6ed83227d50 R08: 0000000000000400 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\nR13: ffff97560ce3c1a0 R14: 0000000000000000 R15: ffff975613ba0a20\nFS:  0000000000000000(0000) GS:ffff975d5f780000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8f734ee200 CR3: 0000000103e50000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? napi_enable+0x3b/0x40\n ? do_error_trap+0x83/0xb0\n ? napi_enable+0x3b/0x40\n ? napi_enable+0x3b/0x40\n ? exc_invalid_op+0x4e/0x70\n ? napi_enable+0x3b/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? napi_enable+0x3b/0x40\n ionic_qcq_enable+0xb7/0x180 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_start_queues+0xc4/0x290 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_link_status_check+0x11c/0x170 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_lif_deferred_work+0x129/0x280 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n process_one_work+0x145/0x360\n worker_thread+0x2bb/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:32:33.208Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0d19267cb150e8f76ade210e16ee820a77f684e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff9c2a9426ecf5b9631e9fd74993b357262387d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/8edd18dab443863e9e48f084e7f123fca3065e4e"
        },
        {
          "url": "https://git.kernel.org/stable/c/60cd714871cd5a683353a355cbb17a685245cf84"
        },
        {
          "url": "https://git.kernel.org/stable/c/183ebc167a8a19e916b885d4bb61a3491991bfa5"
        },
        {
          "url": "https://git.kernel.org/stable/c/a87d72b37b9ec2c1e18fe36b09241d8b30334a2e"
        },
        {
          "url": "https://git.kernel.org/stable/c/79f18a41dd056115d685f3b0a419c7cd40055e13"
        }
      ],
      "title": "ionic: fix use after netif_napi_del()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-39502",
    "datePublished": "2024-07-12T12:20:35.635Z",
    "dateReserved": "2024-06-25T14:23:23.752Z",
    "dateUpdated": "2024-11-05T09:32:33.208Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-36971

Vulnerability from cvelistv5

Published

2024-06-10 09:03

Modified

2024-11-05 09:29

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

net: fix __dst_negative_advice() race

References

▼	URL	Tags
	https://git.kernel.org/stable/c/051c0bde9f0450a2ec3d62a86d2a0d2fad117f13
	https://git.kernel.org/stable/c/db0082825037794c5dba9959c9de13ca34cc5e72
	https://git.kernel.org/stable/c/2295a7ef5c8c49241bff769e7826ef2582e532a6
	https://git.kernel.org/stable/c/eacb8b195579c174a6d3e12a9690b206eb7f28cf
	https://git.kernel.org/stable/c/81dd3c82a456b0015461754be7cb2693991421b4
	https://git.kernel.org/stable/c/5af198c387128a9d2ddd620b0f0803564a4d4508
	https://git.kernel.org/stable/c/b8af8e6118a6605f0e495a58d591ca94a85a50fc
	https://git.kernel.org/stable/c/92f1655aa2b2294d0b49925f3b875a634bd3b59e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:43:50.464Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/051c0bde9f0450a2ec3d62a86d2a0d2fad117f13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/db0082825037794c5dba9959c9de13ca34cc5e72"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2295a7ef5c8c49241bff769e7826ef2582e532a6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eacb8b195579c174a6d3e12a9690b206eb7f28cf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81dd3c82a456b0015461754be7cb2693991421b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5af198c387128a9d2ddd620b0f0803564a4d4508"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b8af8e6118a6605f0e495a58d591ca94a85a50fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/92f1655aa2b2294d0b49925f3b875a634bd3b59e"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:4.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "4.6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "051c0bde9f04",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "db0082825037",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "2295a7ef5c8c",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "eacb8b195579",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "81dd3c82a456",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "5af198c38712",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "b8af8e6118a6",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              },
              {
                "lessThan": "92f1655aa2b2",
                "status": "affected",
                "version": "a87cb3e48ee8",
                "versionType": "git"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "4.6",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:4.19.316:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "4.20",
                "status": "unaffected",
                "version": "4.19.316",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:5.4.278:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5.5",
                "status": "unaffected",
                "version": "5.4.278",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:5.10.219:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5.11",
                "status": "unaffected",
                "version": "5.10.219",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:5.15.161:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5.16",
                "status": "unaffected",
                "version": "5.15.161",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:6.1.94:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6.2",
                "status": "unaffected",
                "version": "6.1.94",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:6.6.34:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6.7",
                "status": "unaffected",
                "version": "6.6.34",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:6.9.4:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "6.10",
                "status": "unaffected",
                "version": "6.9.4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:6.10:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "unaffected",
                "version": "6.10",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-36971",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-07T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-08-07",
                "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:55:24.694Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-08-07T00:00:00+00:00",
            "value": "CVE-2024-36971 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/dst_ops.h",
            "include/net/sock.h",
            "net/ipv4/route.c",
            "net/ipv6/route.c",
            "net/xfrm/xfrm_policy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "051c0bde9f04",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "db0082825037",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "2295a7ef5c8c",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "eacb8b195579",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "81dd3c82a456",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "5af198c38712",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "b8af8e6118a6",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            },
            {
              "lessThan": "92f1655aa2b2",
              "status": "affected",
              "version": "a87cb3e48ee8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/dst_ops.h",
            "include/net/sock.h",
            "net/ipv4/route.c",
            "net/ipv6/route.c",
            "net/xfrm/xfrm_policy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.6"
            },
            {
              "lessThan": "4.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.316",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:29:05.519Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/051c0bde9f0450a2ec3d62a86d2a0d2fad117f13"
        },
        {
          "url": "https://git.kernel.org/stable/c/db0082825037794c5dba9959c9de13ca34cc5e72"
        },
        {
          "url": "https://git.kernel.org/stable/c/2295a7ef5c8c49241bff769e7826ef2582e532a6"
        },
        {
          "url": "https://git.kernel.org/stable/c/eacb8b195579c174a6d3e12a9690b206eb7f28cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/81dd3c82a456b0015461754be7cb2693991421b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/5af198c387128a9d2ddd620b0f0803564a4d4508"
        },
        {
          "url": "https://git.kernel.org/stable/c/b8af8e6118a6605f0e495a58d591ca94a85a50fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/92f1655aa2b2294d0b49925f3b875a634bd3b59e"
        }
      ],
      "title": "net: fix __dst_negative_advice() race",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-36971",
    "datePublished": "2024-06-10T09:03:23.878Z",
    "dateReserved": "2024-05-30T15:25:07.082Z",
    "dateUpdated": "2024-11-05T09:29:05.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-27403

Vulnerability from cvelistv5

Published

2024-05-17 11:40

Modified

2024-11-05 09:21

Severity ?

Summary

netfilter: nft_flow_offload: reset dst in route object after setting up flow

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c
	https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4
	https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148
	https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae
	https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27403",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-17T17:17:07.998820Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:43.380Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:34:52.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_flow_table.h",
            "net/netfilter/nf_flow_table_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4c167af9f6b5",
              "status": "affected",
              "version": "a3c90f7a2323",
              "versionType": "git"
            },
            {
              "lessThan": "012df10717da",
              "status": "affected",
              "version": "a3c90f7a2323",
              "versionType": "git"
            },
            {
              "lessThan": "558b00a30e05",
              "status": "affected",
              "version": "a3c90f7a2323",
              "versionType": "git"
            },
            {
              "lessThan": "670548c8db44",
              "status": "affected",
              "version": "a3c90f7a2323",
              "versionType": "git"
            },
            {
              "lessThan": "9e0f0430389b",
              "status": "affected",
              "version": "a3c90f7a2323",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_flow_table.h",
            "net/netfilter/nf_flow_table_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "lessThan": "4.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_flow_offload: reset dst in route object after setting up flow\n\ndst is transferred to the flow object, route object does not own it\nanymore.  Reset dst in route object, otherwise if flow_offload_add()\nfails, error path releases dst twice, leading to a refcount underflow."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:21:34.710Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c"
        },
        {
          "url": "https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148"
        },
        {
          "url": "https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3"
        }
      ],
      "title": "netfilter: nft_flow_offload: reset dst in route object after setting up flow",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27403",
    "datePublished": "2024-05-17T11:40:17.992Z",
    "dateReserved": "2024-02-25T13:47:42.681Z",
    "dateUpdated": "2024-11-05T09:21:34.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-36886

Vulnerability from cvelistv5

Published

2024-05-30 15:28

Modified

2024-11-05 09:27

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

tipc: fix UAF in error path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e19ec8ab0e25bc4803d7cc91c84e84532e2781bd
	https://git.kernel.org/stable/c/93bc2d6d16f2c3178736ba6b845b30475856dc40
	https://git.kernel.org/stable/c/367766ff9e407f8a68409b7ce4dc4d5a72afeab1
	https://git.kernel.org/stable/c/66116556076f0b96bc1aa9844008c743c8c67684
	https://git.kernel.org/stable/c/21ea04aad8a0839b4ec27ef1691ca480620e8e14
	https://git.kernel.org/stable/c/ffd4917c1edb3c3ff334fce3704fbe9c39f35682
	https://git.kernel.org/stable/c/a0fbb26f8247e326a320e2cb4395bfb234332c90
	https://git.kernel.org/stable/c/080cbb890286cd794f1ee788bbc5463e2deb7c2b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:4.1:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "4.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "e19ec8ab0e25",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "93bc2d6d16f2",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "367766ff9e40",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "66116556076f",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "21ea04aad8a0",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "ffd4917c1edb",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "a0fbb26f8247",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              },
              {
                "lessThan": "080cbb890286",
                "status": "affected",
                "version": "1149557d64c9",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-36886",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-22T03:55:33.064938Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T12:40:50.587Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-18T13:07:39.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e19ec8ab0e25bc4803d7cc91c84e84532e2781bd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93bc2d6d16f2c3178736ba6b845b30475856dc40"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/367766ff9e407f8a68409b7ce4dc4d5a72afeab1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/66116556076f0b96bc1aa9844008c743c8c67684"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/21ea04aad8a0839b4ec27ef1691ca480620e8e14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ffd4917c1edb3c3ff334fce3704fbe9c39f35682"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a0fbb26f8247e326a320e2cb4395bfb234332c90"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/080cbb890286cd794f1ee788bbc5463e2deb7c2b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241018-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/msg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e19ec8ab0e25",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "93bc2d6d16f2",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "367766ff9e40",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "66116556076f",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "21ea04aad8a0",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "ffd4917c1edb",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "a0fbb26f8247",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            },
            {
              "lessThan": "080cbb890286",
              "status": "affected",
              "version": "1149557d64c9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/msg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.1"
            },
            {
              "lessThan": "4.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.314",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.217",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.91",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.31",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix UAF in error path\n\nSam Page (sam4k) working with Trend Micro Zero Day Initiative reported\na UAF in the tipc_buf_append() error path:\n\nBUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0\nlinux/net/core/skbuff.c:1183\nRead of size 8 at addr ffff88804d2a7c80 by task poc/8034\n\nCPU: 1 PID: 8034 Comm: poc Not tainted 6.8.2 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.0-debian-1.16.0-5 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack linux/lib/dump_stack.c:88\n dump_stack_lvl+0xd9/0x1b0 linux/lib/dump_stack.c:106\n print_address_description linux/mm/kasan/report.c:377\n print_report+0xc4/0x620 linux/mm/kasan/report.c:488\n kasan_report+0xda/0x110 linux/mm/kasan/report.c:601\n kfree_skb_list_reason+0x47e/0x4c0 linux/net/core/skbuff.c:1183\n skb_release_data+0x5af/0x880 linux/net/core/skbuff.c:1026\n skb_release_all linux/net/core/skbuff.c:1094\n __kfree_skb linux/net/core/skbuff.c:1108\n kfree_skb_reason+0x12d/0x210 linux/net/core/skbuff.c:1144\n kfree_skb linux/./include/linux/skbuff.h:1244\n tipc_buf_append+0x425/0xb50 linux/net/tipc/msg.c:186\n tipc_link_input+0x224/0x7c0 linux/net/tipc/link.c:1324\n tipc_link_rcv+0x76e/0x2d70 linux/net/tipc/link.c:1824\n tipc_rcv+0x45f/0x10f0 linux/net/tipc/node.c:2159\n tipc_udp_recv+0x73b/0x8f0 linux/net/tipc/udp_media.c:390\n udp_queue_rcv_one_skb+0xad2/0x1850 linux/net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x131/0xb00 linux/net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x165/0x3b0 linux/net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x2594/0x3400 linux/net/ipv4/udp.c:2422\n ip_protocol_deliver_rcu+0x30c/0x4e0 linux/net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2e4/0x520 linux/net/ipv4/ip_input.c:233\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_local_deliver+0x18e/0x1f0 linux/net/ipv4/ip_input.c:254\n dst_input linux/./include/net/dst.h:461\n ip_rcv_finish linux/net/ipv4/ip_input.c:449\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_rcv+0x2c5/0x5d0 linux/net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core+0x199/0x1e0 linux/net/core/dev.c:5534\n __netif_receive_skb+0x1f/0x1c0 linux/net/core/dev.c:5648\n process_backlog+0x101/0x6b0 linux/net/core/dev.c:5976\n __napi_poll.constprop.0+0xba/0x550 linux/net/core/dev.c:6576\n napi_poll linux/net/core/dev.c:6645\n net_rx_action+0x95a/0xe90 linux/net/core/dev.c:6781\n __do_softirq+0x21f/0x8e7 linux/kernel/softirq.c:553\n do_softirq linux/kernel/softirq.c:454\n do_softirq+0xb2/0xf0 linux/kernel/softirq.c:441\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x100/0x120 linux/kernel/softirq.c:381\n local_bh_enable linux/./include/linux/bottom_half.h:33\n rcu_read_unlock_bh linux/./include/linux/rcupdate.h:851\n __dev_queue_xmit+0x871/0x3ee0 linux/net/core/dev.c:4378\n dev_queue_xmit linux/./include/linux/netdevice.h:3169\n neigh_hh_output linux/./include/net/neighbour.h:526\n neigh_output linux/./include/net/neighbour.h:540\n ip_finish_output2+0x169f/0x2550 linux/net/ipv4/ip_output.c:235\n __ip_finish_output linux/net/ipv4/ip_output.c:313\n __ip_finish_output+0x49e/0x950 linux/net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 linux/net/ipv4/ip_output.c:323\n NF_HOOK_COND linux/./include/linux/netfilter.h:303\n ip_output+0x13b/0x2a0 linux/net/ipv4/ip_output.c:433\n dst_output linux/./include/net/dst.h:451\n ip_local_out linux/net/ipv4/ip_output.c:129\n ip_send_skb+0x3e5/0x560 linux/net/ipv4/ip_output.c:1492\n udp_send_skb+0x73f/0x1530 linux/net/ipv4/udp.c:963\n udp_sendmsg+0x1a36/0x2b40 linux/net/ipv4/udp.c:1250\n inet_sendmsg+0x105/0x140 linux/net/ipv4/af_inet.c:850\n sock_sendmsg_nosec linux/net/socket.c:730\n __sock_sendmsg linux/net/socket.c:745\n __sys_sendto+0x42c/0x4e0 linux/net/socket.c:2191\n __do_sys_sendto linux/net/socket.c:2203\n __se_sys_sendto linux/net/socket.c:2199\n __x64_sys_sendto+0xe0/0x1c0 linux/net/socket.c:2199\n do_syscall_x64 linux/arch/x86/entry/common.c:52\n do_syscall_\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:27:29.440Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e19ec8ab0e25bc4803d7cc91c84e84532e2781bd"
        },
        {
          "url": "https://git.kernel.org/stable/c/93bc2d6d16f2c3178736ba6b845b30475856dc40"
        },
        {
          "url": "https://git.kernel.org/stable/c/367766ff9e407f8a68409b7ce4dc4d5a72afeab1"
        },
        {
          "url": "https://git.kernel.org/stable/c/66116556076f0b96bc1aa9844008c743c8c67684"
        },
        {
          "url": "https://git.kernel.org/stable/c/21ea04aad8a0839b4ec27ef1691ca480620e8e14"
        },
        {
          "url": "https://git.kernel.org/stable/c/ffd4917c1edb3c3ff334fce3704fbe9c39f35682"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0fbb26f8247e326a320e2cb4395bfb234332c90"
        },
        {
          "url": "https://git.kernel.org/stable/c/080cbb890286cd794f1ee788bbc5463e2deb7c2b"
        }
      ],
      "title": "tipc: fix UAF in error path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-36886",
    "datePublished": "2024-05-30T15:28:55.059Z",
    "dateReserved": "2024-05-30T15:25:07.065Z",
    "dateUpdated": "2024-11-05T09:27:29.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-41091

Vulnerability from cvelistv5

Published

2024-07-29 06:18

Modified

2024-11-05 09:36

Severity ?

Summary

tun: add missing verification for short frame

References

▼	URL	Tags
	https://git.kernel.org/stable/c/32b0aaba5dbc85816898167d9b5d45a22eae82e9
	https://git.kernel.org/stable/c/6100e0237204890269e3f934acfc50d35fd6f319
	https://git.kernel.org/stable/c/589382f50b4a5d90d16d8bc9dcbc0e927a3e39b2
	https://git.kernel.org/stable/c/ad6b3f622ccfb4bfedfa53b6ebd91c3d1d04f146
	https://git.kernel.org/stable/c/d5ad89b7d01ed4e66fd04734fc63d6e78536692a
	https://git.kernel.org/stable/c/a9d1c27e2ee3b0ea5d40c105d6e728fc114470bb
	https://git.kernel.org/stable/c/8418f55302fa1d2eeb73e16e345167e545c598a5
	https://git.kernel.org/stable/c/049584807f1d797fc3078b68035450a9769eb5c3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/32b0aaba5dbc85816898167d9b5d45a22eae82e9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6100e0237204890269e3f934acfc50d35fd6f319"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/589382f50b4a5d90d16d8bc9dcbc0e927a3e39b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad6b3f622ccfb4bfedfa53b6ebd91c3d1d04f146"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d5ad89b7d01ed4e66fd04734fc63d6e78536692a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a9d1c27e2ee3b0ea5d40c105d6e728fc114470bb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8418f55302fa1d2eeb73e16e345167e545c598a5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/049584807f1d797fc3078b68035450a9769eb5c3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41091",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:24:56.109252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:06.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/tun.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "32b0aaba5dbc",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "6100e0237204",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "589382f50b4a",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "ad6b3f622ccf",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "d5ad89b7d01e",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "a9d1c27e2ee3",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "8418f55302fa",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            },
            {
              "lessThan": "049584807f1d",
              "status": "affected",
              "version": "043d222f93ab",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/tun.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "lessThan": "4.20",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.281",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.223",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.164",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.102",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: add missing verification for short frame\n\nThe cited commit missed to check against the validity of the frame length\nin the tun_xdp_one() path, which could cause a corrupted skb to be sent\ndownstack. Even before the skb is transmitted, the\ntun_xdp_one--\u003eeth_type_trans() may access the Ethernet header although it\ncan be less than ETH_HLEN. Once transmitted, this could either cause\nout-of-bound access beyond the actual length, or confuse the underlayer\nwith incorrect or inconsistent header length in the skb metadata.\n\nIn the alternative path, tun_get_user() already prohibits short frame which\nhas the length less than Ethernet header size from being transmitted for\nIFF_TAP.\n\nThis is to drop any frame shorter than the Ethernet header size just like\nhow tun_get_user() does.\n\nCVE: CVE-2024-41091"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:36:31.969Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/32b0aaba5dbc85816898167d9b5d45a22eae82e9"
        },
        {
          "url": "https://git.kernel.org/stable/c/6100e0237204890269e3f934acfc50d35fd6f319"
        },
        {
          "url": "https://git.kernel.org/stable/c/589382f50b4a5d90d16d8bc9dcbc0e927a3e39b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad6b3f622ccfb4bfedfa53b6ebd91c3d1d04f146"
        },
        {
          "url": "https://git.kernel.org/stable/c/d5ad89b7d01ed4e66fd04734fc63d6e78536692a"
        },
        {
          "url": "https://git.kernel.org/stable/c/a9d1c27e2ee3b0ea5d40c105d6e728fc114470bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/8418f55302fa1d2eeb73e16e345167e545c598a5"
        },
        {
          "url": "https://git.kernel.org/stable/c/049584807f1d797fc3078b68035450a9769eb5c3"
        }
      ],
      "title": "tun: add missing verification for short frame",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-41091",
    "datePublished": "2024-07-29T06:18:12.019Z",
    "dateReserved": "2024-07-12T12:17:45.636Z",
    "dateUpdated": "2024-11-05T09:36:31.969Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47624

Vulnerability from cvelistv5

Published

2024-07-16 11:29

Modified

2024-11-04 12:09

Severity ?

Summary

net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb
	https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f
	https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:47:40.258Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47624",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:59:55.305965Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:16.385Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sunrpc/sysfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4b22aa42bd4d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5f6024c05a2c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "776d794f28c9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sunrpc/sysfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change\n\nThe refcount leak issues take place in an error handling path. When the\n3rd argument buf doesn\u0027t match with \"offline\", \"online\" or \"remove\", the\nfunction simply returns -EINVAL and forgets to decrease the reference\ncount of a rpc_xprt object and a rpc_xprt_switch object increased by\nrpc_sysfs_xprt_kobj_get_xprt() and\nrpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of\nboth unused objects.\n\nFix this issue by jumping to the error handling path labelled with\nout_put when buf matches none of \"offline\", \"online\" or \"remove\"."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:09:22.894Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f"
        },
        {
          "url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18"
        }
      ],
      "title": "net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47624",
    "datePublished": "2024-07-16T11:29:39.903Z",
    "dateReserved": "2024-07-16T11:26:52.956Z",
    "dateUpdated": "2024-11-04T12:09:22.894Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-41090

Vulnerability from cvelistv5

Published

2024-07-29 06:18

Modified

2024-11-05 09:36

Severity ?

Summary

tap: add missing verification for short frame

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8be915fc5ff9a5e296f6538be12ea75a1a93bdea
	https://git.kernel.org/stable/c/7431144b406ae82807eb87d8c98e518475b0450f
	https://git.kernel.org/stable/c/e5e5e63c506b93b89b01f522b6a7343585f784e6
	https://git.kernel.org/stable/c/ee93e6da30377cf2a75e16cd32bb9fcd86a61c46
	https://git.kernel.org/stable/c/aa6a5704cab861c9b2ae9f475076e1881e87f5aa
	https://git.kernel.org/stable/c/73d462a38d5f782b7c872fe9ae8393d9ef5483da
	https://git.kernel.org/stable/c/e1a786b9bbb767fd1c922d424aaa8078cc542309
	https://git.kernel.org/stable/c/ed7f2afdd0e043a397677e597ced0830b83ba0b3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8be915fc5ff9a5e296f6538be12ea75a1a93bdea"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7431144b406ae82807eb87d8c98e518475b0450f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e5e5e63c506b93b89b01f522b6a7343585f784e6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ee93e6da30377cf2a75e16cd32bb9fcd86a61c46"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa6a5704cab861c9b2ae9f475076e1881e87f5aa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/73d462a38d5f782b7c872fe9ae8393d9ef5483da"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e1a786b9bbb767fd1c922d424aaa8078cc542309"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ed7f2afdd0e043a397677e597ced0830b83ba0b3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41090",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:24:59.280166Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:06.307Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/tap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8be915fc5ff9",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "7431144b406a",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "e5e5e63c506b",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "ee93e6da3037",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "aa6a5704cab8",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "73d462a38d5f",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "e1a786b9bbb7",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            },
            {
              "lessThan": "ed7f2afdd0e0",
              "status": "affected",
              "version": "0efac27791ee",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/tap.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "lessThan": "4.20",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.281",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.223",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.164",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.102",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.10.*",
              "status": "unaffected",
              "version": "6.10.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.11",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntap: add missing verification for short frame\n\nThe cited commit missed to check against the validity of the frame length\nin the tap_get_user_xdp() path, which could cause a corrupted skb to be\nsent downstack. Even before the skb is transmitted, the\ntap_get_user_xdp()--\u003eskb_set_network_header() may assume the size is more\nthan ETH_HLEN. Once transmitted, this could either cause out-of-bound\naccess beyond the actual length, or confuse the underlayer with incorrect\nor inconsistent header length in the skb metadata.\n\nIn the alternative path, tap_get_user() already prohibits short frame which\nhas the length less than Ethernet header size from being transmitted.\n\nThis is to drop any frame shorter than the Ethernet header size just like\nhow tap_get_user() does.\n\nCVE: CVE-2024-41090"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:36:30.851Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8be915fc5ff9a5e296f6538be12ea75a1a93bdea"
        },
        {
          "url": "https://git.kernel.org/stable/c/7431144b406ae82807eb87d8c98e518475b0450f"
        },
        {
          "url": "https://git.kernel.org/stable/c/e5e5e63c506b93b89b01f522b6a7343585f784e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/ee93e6da30377cf2a75e16cd32bb9fcd86a61c46"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa6a5704cab861c9b2ae9f475076e1881e87f5aa"
        },
        {
          "url": "https://git.kernel.org/stable/c/73d462a38d5f782b7c872fe9ae8393d9ef5483da"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1a786b9bbb767fd1c922d424aaa8078cc542309"
        },
        {
          "url": "https://git.kernel.org/stable/c/ed7f2afdd0e043a397677e597ced0830b83ba0b3"
        }
      ],
      "title": "tap: add missing verification for short frame",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-41090",
    "datePublished": "2024-07-29T06:18:10.896Z",
    "dateReserved": "2024-07-12T12:17:45.635Z",
    "dateUpdated": "2024-11-05T09:36:30.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-21823

Vulnerability from cvelistv5

Published

2024-05-16 20:46

Modified

2024-08-14 20:45

Severity ?

7.5 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H

Summary

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access

References

▼	URL	Tags
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/
	http://www.openwall.com/lists/oss-security/2024/05/15/1
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/

Impacted products

▼	Vendor	Product
	n/a	Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:27:36.291Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/05/15/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T18:02:56.696203Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-08T14:39:32.573Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-1264",
              "description": "Hardware Logic with Insecure De-Synchronization between Control and Data Channels",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-14T20:45:24.842Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01084.html"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/",
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/"
        },
        {
          "name": "http://www.openwall.com/lists/oss-security/2024/05/15/1",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/15/1"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/",
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2024-21823",
    "datePublished": "2024-05-16T20:46:57.735Z",
    "dateReserved": "2024-01-24T04:00:22.601Z",
    "dateUpdated": "2024-08-14T20:45:24.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-26808

Vulnerability from cvelistv5

Published

2024-04-04 09:50

Modified

2024-11-05 09:16

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9489e214ea8f2a90345516016aa51f2db3a8cc2f
	https://git.kernel.org/stable/c/70f17b48c86622217a58d5099d29242fc9adac58
	https://git.kernel.org/stable/c/af149a46890e8285d1618bd68b8d159bdb87fdb3
	https://git.kernel.org/stable/c/e5888acbf1a3d8d021990ce6c6061fd5b2bb21b4
	https://git.kernel.org/stable/c/36a0a80f32209238469deb481967d777a3d539ee
	https://git.kernel.org/stable/c/01acb2e8666a6529697141a6017edbf206921913

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:13.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9489e214ea8f2a90345516016aa51f2db3a8cc2f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/70f17b48c86622217a58d5099d29242fc9adac58"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/af149a46890e8285d1618bd68b8d159bdb87fdb3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e5888acbf1a3d8d021990ce6c6061fd5b2bb21b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/36a0a80f32209238469deb481967d777a3d539ee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/01acb2e8666a6529697141a6017edbf206921913"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-26808",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-07T15:05:25.057476Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T15:13:04.455Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_chain_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9489e214ea8f",
              "status": "affected",
              "version": "60a3815da702",
              "versionType": "git"
            },
            {
              "lessThan": "70f17b48c866",
              "status": "affected",
              "version": "60a3815da702",
              "versionType": "git"
            },
            {
              "lessThan": "af149a46890e",
              "status": "affected",
              "version": "60a3815da702",
              "versionType": "git"
            },
            {
              "lessThan": "e5888acbf1a3",
              "status": "affected",
              "version": "60a3815da702",
              "versionType": "git"
            },
            {
              "lessThan": "36a0a80f3220",
              "status": "affected",
              "version": "60a3815da702",
              "versionType": "git"
            },
            {
              "lessThan": "01acb2e8666a",
              "status": "affected",
              "version": "60a3815da702",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_chain_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.210",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.149",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain\n\nRemove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER\nevent is reported, otherwise a stale reference to netdevice remains in\nthe hook list."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:16:12.711Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9489e214ea8f2a90345516016aa51f2db3a8cc2f"
        },
        {
          "url": "https://git.kernel.org/stable/c/70f17b48c86622217a58d5099d29242fc9adac58"
        },
        {
          "url": "https://git.kernel.org/stable/c/af149a46890e8285d1618bd68b8d159bdb87fdb3"
        },
        {
          "url": "https://git.kernel.org/stable/c/e5888acbf1a3d8d021990ce6c6061fd5b2bb21b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/36a0a80f32209238469deb481967d777a3d539ee"
        },
        {
          "url": "https://git.kernel.org/stable/c/01acb2e8666a6529697141a6017edbf206921913"
        }
      ],
      "title": "netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26808",
    "datePublished": "2024-04-04T09:50:26.672Z",
    "dateReserved": "2024-02-19T14:20:24.179Z",
    "dateUpdated": "2024-11-05T09:16:12.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-35897

Vulnerability from cvelistv5

Published

2024-05-19 08:34

Modified

2024-11-05 09:24

Severity ?

Summary

netfilter: nf_tables: discard table flag update with pending basechain deletion

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc
	https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78
	https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362
	https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb
	https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4
	https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827
	https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927
	https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:48.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35897",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:41:11.412085Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:16.369Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e75faf01e22e",
              "status": "affected",
              "version": "bf8083bbf8fa",
              "versionType": "git"
            },
            {
              "lessThan": "9a3b90904d8a",
              "status": "affected",
              "version": "e10f661adc55",
              "versionType": "git"
            },
            {
              "lessThan": "b58d0ac35f6d",
              "status": "affected",
              "version": "d9c4da8cb74e",
              "versionType": "git"
            },
            {
              "lessThan": "6cbbe1ba76ee",
              "status": "affected",
              "version": "179d9ba5559a",
              "versionType": "git"
            },
            {
              "lessThan": "2aeb805a1bcd",
              "status": "affected",
              "version": "179d9ba5559a",
              "versionType": "git"
            },
            {
              "lessThan": "9627fd0c6ea1",
              "status": "affected",
              "version": "179d9ba5559a",
              "versionType": "git"
            },
            {
              "lessThan": "7f609f630951",
              "status": "affected",
              "version": "179d9ba5559a",
              "versionType": "git"
            },
            {
              "lessThan": "1bc83a019bbe",
              "status": "affected",
              "version": "179d9ba5559a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.26",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:24:39.753Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78"
        },
        {
          "url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362"
        },
        {
          "url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb"
        },
        {
          "url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827"
        },
        {
          "url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927"
        },
        {
          "url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518"
        }
      ],
      "title": "netfilter: nf_tables: discard table flag update with pending basechain deletion",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35897",
    "datePublished": "2024-05-19T08:34:51.799Z",
    "dateReserved": "2024-05-17T13:50:33.114Z",
    "dateUpdated": "2024-11-05T09:24:39.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

Vulnerability from csaf_redhat

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags