rhsa-2024_5673
Vulnerability from csaf_redhat
Published
2024-08-21 00:17
Modified
2024-09-18 09:08
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: igc: avoid returning frame twice in XDP_REDIRECT (CVE-2024-26853)
* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)
* kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (CVE-2023-52735)
* kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)
* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
* kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)
* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
* kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)
* kernel: ice: Don't process extts if PTP is disabled (CVE-2024-42107)
Bug Fix(es):
* kernel-rt: update RT source tree to the latest RHEL-9.2 ad hoc schedule build (JIRA:RHEL-54222)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)\n\n* kernel: igc: avoid returning frame twice in XDP_REDIRECT (CVE-2024-26853)\n\n* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)\n\n* kernel: bpf, sockmap: Don\u0026#39;t let sock_map_{close,destroy,unhash} call itself (CVE-2023-52735)\n\n* kernel: net: fix out-of-bounds access in ops_init (CVE-2024-36883)\n\n* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)\n\n* kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)\n\n* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)\n\n* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)\n\n* kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)\n\n* kernel: ice: Don\u0026#39;t process extts if PTP is disabled (CVE-2024-42107)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest RHEL-9.2 ad hoc schedule build (JIRA:RHEL-54222)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5673",
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2265797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265797"
},
{
"category": "external",
"summary": "2275748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275748"
},
{
"category": "external",
"summary": "2281968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281968"
},
{
"category": "external",
"summary": "2282618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282618"
},
{
"category": "external",
"summary": "2284271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284271"
},
{
"category": "external",
"summary": "2293356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293356"
},
{
"category": "external",
"summary": "2297579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297579"
},
{
"category": "external",
"summary": "2299240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299240"
},
{
"category": "external",
"summary": "2299336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299336"
},
{
"category": "external",
"summary": "2300453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300453"
},
{
"category": "external",
"summary": "2301766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301766"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5673.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2024-09-18T09:08:02+00:00",
"generator": {
"date": "2024-09-18T09:08:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:5673",
"initial_release_date": "2024-08-21T00:17:24+00:00",
"revision_history": [
{
"date": "2024-08-21T00:17:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-21T00:17:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T09:08:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.80.1.rt14.365.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.80.1.rt14.365.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)",
"product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)",
"product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52463",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265797"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel, which involves the improper handling of the efivarfs filesystem when the firmware does not support the SetVariable function at runtime. Specifically, even if efivarfs is initially mounted as read-only (RO), it can be remounted as read-write (RW) without checking if the firmware can handle variable updates. This issue allows operations such as efi-updatevar to be executed, which leads to a crash due to a NULL pointer dereference. This crash occurs because the callback for SetVariable is not assigned, causing a level 0 translation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: efivarfs: force RO when remounting if SetVariable is not supported",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as Moderate severity because it requires specific conditions to be exploited: the system must be using a firmware that does not support the SetVariable function at runtime, and an attacker must have the ability to remount the efivarfs filesystem with read-write permissions. While it does not provide direct unauthorized access or code execution, the resulting crash from a NULL pointer dereference can cause denial of service, disrupting normal system operations. The impact is limited to systems with the specified firmware and does not affect systems where the SetVariable function is properly supported, reducing the overall exposure and potential damage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52463"
},
{
"category": "external",
"summary": "RHBZ#2265797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265797"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52463",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52463"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195@gregkh/T/#u",
"url": "https://lore.kernel.org/linux-cve-announce/2024022335-CVE-2023-52463-6195@gregkh/T/#u"
}
],
"release_date": "2024-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
},
{
"category": "workaround",
"details": "No mitigation is currently available for this vulnerability. Make sure to perform the updates as they become available.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: efivarfs: force RO when remounting if SetVariable is not supported"
},
{
"cve": "CVE-2023-52735",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2024-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2282618"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself\n\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: bpf, sockmap: Don\u0026#39;t let sock_map_{close,destroy,unhash} call itself",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52735"
},
{
"category": "external",
"summary": "RHBZ#2282618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52735",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52735"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52735-4df1@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52735-4df1@gregkh/T"
}
],
"release_date": "2024-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: bpf, sockmap: Don\u0026#39;t let sock_map_{close,destroy,unhash} call itself"
},
{
"cve": "CVE-2024-26853",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275748"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in the Linux kernel\u2019s Intel(R) Ethernet Controller I225-LM/I225-V driver in how a user generates a high amount of packets. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: igc: avoid returning frame twice in XDP_REDIRECT",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26853"
},
{
"category": "external",
"summary": "RHBZ#2275748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26853"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26853-b549@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024041723-CVE-2024-26853-b549@gregkh/T"
}
],
"release_date": "2024-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: igc: avoid returning frame twice in XDP_REDIRECT"
},
{
"cve": "CVE-2024-36000",
"discovery_date": "2024-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2281968"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix missing hugetlb_lock for resv uncharge\n\nThere is a recent report on UFFDIO_COPY over hugetlb:\n\nhttps://lore.kernel.org/all/000000000000ee06de0616177560@google.com/\n\n350:\tlockdep_assert_held(\u0026hugetlb_lock);\n\nShould be an issue in hugetlb but triggered in an userfault context, where\nit goes into the unlikely path where two threads modifying the resv map\ntogether. Mike has a fix in that path for resv uncharge but it looks like\nthe locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd()\nwill update the cgroup pointer, so it requires to be called with the lock\nheld.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-36000"
},
{
"category": "external",
"summary": "RHBZ#2281968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281968"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-36000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36000",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36000"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024052023-CVE-2024-36000-cfc4@gregkh/T"
}
],
"release_date": "2024-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge"
},
{
"cve": "CVE-2024-36883",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2024-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2284271"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s networking subsystem in how a local user triggers a complex race condition. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: fix out-of-bounds access in ops_init",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-36883"
},
{
"category": "external",
"summary": "RHBZ#2284271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-36883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36883"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024053032-CVE-2024-36883-b892@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024053032-CVE-2024-36883-b892@gregkh/T"
}
],
"release_date": "2024-05-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: fix out-of-bounds access in ops_init"
},
{
"cve": "CVE-2024-38608",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293356"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/mlx5e: Fix netif state handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38608"
},
{
"category": "external",
"summary": "RHBZ#2293356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38608",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38608"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2024-38608-4068@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061920-CVE-2024-38608-4068@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: net/mlx5e: Fix netif state handling"
},
{
"cve": "CVE-2024-40995",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2024-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297579"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()\n\nsyzbot found hanging tasks waiting on rtnl_lock [1]\n\nA reproducer is available in the syzbot bug.\n\nWhen a request to add multiple actions with the same index is sent, the\nsecond request will block forever on the first request. This holds\nrtnl_lock, and causes tasks to hang.\n\nReturn -EAGAIN to prevent infinite looping, while keeping documented\nbehavior.\n\n[1]\n\nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.\nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000\nWorkqueue: events_power_efficient reg_check_chans_work\nCall Trace:\n\u003cTASK\u003e\ncontext_switch kernel/sched/core.c:5409 [inline]\n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746\n__schedule_loop kernel/sched/core.c:6823 [inline]\nschedule+0xe7/0x350 kernel/sched/core.c:6838\nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895\n__mutex_lock_common kernel/locking/mutex.c:684 [inline]\n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752\nwiphy_lock include/net/cfg80211.h:5953 [inline]\nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]\nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40995"
},
{
"category": "external",
"summary": "RHBZ#2297579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40995"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40995",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40995"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024071251-CVE-2024-40995-2a5c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024071251-CVE-2024-40995-2a5c@gregkh/T"
}
],
"release_date": "2024-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()"
},
{
"cve": "CVE-2024-41076",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300453"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix memory leak in nfs4_set_security_label\n\nWe leak nfs_fattr and nfs4_label every time we set a security xattr.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NFSv4: Fix memory leak in nfs4_set_security_label",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41076"
},
{
"category": "external",
"summary": "RHBZ#2300453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41076"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41076",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41076"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072910-CVE-2024-41076-6124@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024072910-CVE-2024-41076-6124@gregkh/T"
}
],
"release_date": "2024-07-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NFSv4: Fix memory leak in nfs4_set_security_label"
},
{
"cve": "CVE-2024-41090",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2299240"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size \u003c ETH_HLEN. The packet may traverse through vhost-net, macvtap, and vlan without any validation or drop. When this packet is presented to the mlx5 driver on the host side, the kernel panic happens since mlx5_core assumes the frame size is always \u003e= ETH_HLEN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: virtio-net: tap: mlx5_core short frame denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41090"
},
{
"category": "external",
"summary": "RHBZ#2299240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299240"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41090"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41090",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41090"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072916-CVE-2024-41090-9830@gregkh",
"url": "https://lore.kernel.org/linux-cve-announce/2024072916-CVE-2024-41090-9830@gregkh"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2024/07/24/4",
"url": "https://www.openwall.com/lists/oss-security/2024/07/24/4"
}
],
"release_date": "2024-07-24T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: virtio-net: tap: mlx5_core short frame denial of service"
},
{
"cve": "CVE-2024-41091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2299336"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size \u003c ETH_HLEN. The packet may traverse through vhost-net, macvtap, and vlan without any validation or drop. When this packet is presented to the mlx5 driver on the host side, the kernel panic happens since mlx5_core assumes the frame size is always \u003e= ETH_HLEN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: virtio-net: tun: mlx5_core short frame denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41091"
},
{
"category": "external",
"summary": "RHBZ#2299336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41091"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024072918-CVE-2024-41091-35b7@gregkh",
"url": "https://lore.kernel.org/linux-cve-announce/2024072918-CVE-2024-41091-35b7@gregkh"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2024/07/24/4",
"url": "https://www.openwall.com/lists/oss-security/2024/07/24/4"
}
],
"release_date": "2024-07-24T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: virtio-net: tun: mlx5_core short frame denial of service"
},
{
"cve": "CVE-2024-42107",
"discovery_date": "2024-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2301766"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Don\u0027t process extts if PTP is disabled\n\nThe ice_ptp_extts_event() function can race with ice_ptp_release() and\nresult in a NULL pointer dereference which leads to a kernel panic.\n\nPanic occurs because the ice_ptp_extts_event() function calls\nptp_clock_event() with a NULL pointer. The ice driver has already\nreleased the PTP clock by the time the interrupt for the next external\ntimestamp event occurs.\n\nTo fix this, modify the ice_ptp_extts_event() function to check the\nPTP state and bail early if PTP is not ready.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ice: Don\u0027t process extts if PTP is disabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42107"
},
{
"category": "external",
"summary": "RHBZ#2301766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42107"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024073020-CVE-2024-42107-65cc@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024073020-CVE-2024-42107-65cc@gregkh/T"
}
],
"release_date": "2024-07-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5673"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.src",
"RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64",
"RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.80.1.rt14.365.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ice: Don\u0027t process extts if PTP is disabled"
}
]
}
Loading...