csaf_redhat - rhsa-2024

rhsa-2024_6990

Vulnerability from csaf_redhat

Published

2024-09-24 00:27

Modified

2024-10-14 22:51

Summary

Red Hat Security Advisory: kernel-rt security update

Notes

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489) * kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (CVE-2021-47393) * kernel: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() (CVE-2021-47559) * kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CVE-2024-40984) * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995) * kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773) * kernel: vsock: remove vsock from connected table when connect is interrupted by a signal (CVE-2022-48786) * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799) * kernel: SUNRPC: lock against ->sock changing during sysfs read (CVE-2022-48816) * kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055) * kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage (CVE-2023-52489)\n\n* kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (CVE-2021-47393)\n\n* kernel: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() (CVE-2021-47559)\n\n* kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34; (CVE-2024-40984)\n\n* kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)\n\n* kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)\n\n* kernel: vsock: remove vsock from connected table when connect is interrupted by a signal (CVE-2022-48786)\n\n* kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)\n\n* kernel: SUNRPC: lock against -\u0026gt;sock changing during sysfs read (CVE-2022-48816)\n\n* kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)\n\n* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:6990",
        "url": "https://access.redhat.com/errata/RHSA-2024:6990"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2269189",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
      },
      {
        "category": "external",
        "summary": "2282345",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282345"
      },
      {
        "category": "external",
        "summary": "2283390",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283390"
      },
      {
        "category": "external",
        "summary": "2297568",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297568"
      },
      {
        "category": "external",
        "summary": "2297579",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297579"
      },
      {
        "category": "external",
        "summary": "2298109",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298109"
      },
      {
        "category": "external",
        "summary": "2298122",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298122"
      },
      {
        "category": "external",
        "summary": "2298135",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298135"
      },
      {
        "category": "external",
        "summary": "2298155",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298155"
      },
      {
        "category": "external",
        "summary": "2300429",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"
      },
      {
        "category": "external",
        "summary": "2300448",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300448"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6990.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2024-10-14T22:51:35+00:00",
      "generator": {
        "date": "2024-10-14T22:51:35+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.0.1"
        }
      },
      "id": "RHSA-2024:6990",
      "initial_release_date": "2024-09-24T00:27:36+00:00",
      "revision_history": [
        {
          "date": "2024-09-24T00:27:36+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-09-24T00:27:36+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-10-14T22:51:35+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
                "product": {
                  "name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
                  "product_id": "NFV-9.0.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
                "product": {
                  "name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
                  "product_id": "RT-9.0.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
                "product": {
                  "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
                  "product_id": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.117.1.rt21.189.el9_0?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.117.1.rt21.189.el9_0?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
          "product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "NFV-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
          "product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
        "relates_to_product_reference": "RT-9.0.0.Z.E4S"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-47393",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "discovery_date": "2024-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2282345"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs\n\nFan speed minimum can be enforced from sysfs. For example, setting\ncurrent fan speed to 20 is used to enforce fan speed to be at 100%\nspeed, 19 - to be not below 90% speed, etcetera. This feature provides\nability to limit fan speed according to some system wise\nconsiderations, like absence of some replaceable units or high system\nambient temperature.\n\nRequest for changing fan minimum speed is configuration request and can\nbe set only through \u0027sysfs\u0027 write procedure. In this situation value of\nargument \u0027state\u0027 is above nominal fan speed maximum.\n\nReturn non-zero code in this case to avoid\nthermal_cooling_device_stats_update() call, because in this case\nstatistics update violates thermal statistics table range.\nThe issues is observed in case kernel is configured with option\nCONFIG_THERMAL_STATISTICS.\n\nHere is the trace from KASAN:\n[  159.506659] BUG: KASAN: slab-out-of-bounds in thermal_cooling_device_stats_update+0x7d/0xb0\n[  159.516016] Read of size 4 at addr ffff888116163840 by task hw-management.s/7444\n[  159.545625] Call Trace:\n[  159.548366]  dump_stack+0x92/0xc1\n[  159.552084]  ? thermal_cooling_device_stats_update+0x7d/0xb0\n[  159.635869]  thermal_zone_device_update+0x345/0x780\n[  159.688711]  thermal_zone_device_set_mode+0x7d/0xc0\n[  159.694174]  mlxsw_thermal_modules_init+0x48f/0x590 [mlxsw_core]\n[  159.700972]  ? mlxsw_thermal_set_cur_state+0x5a0/0x5a0 [mlxsw_core]\n[  159.731827]  mlxsw_thermal_init+0x763/0x880 [mlxsw_core]\n[  160.070233] RIP: 0033:0x7fd995909970\n[  160.074239] Code: 73 01 c3 48 8b 0d 28 d5 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 99 2d 2c 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ..\n[  160.095242] RSP: 002b:00007fff54f5d938 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[  160.103722] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00007fd995909970\n[  160.111710] RDX: 0000000000000013 RSI: 0000000001906008 RDI: 0000000000000001\n[  160.119699] RBP: 0000000001906008 R08: 00007fd995bc9760 R09: 00007fd996210700\n[  160.127687] R10: 0000000000000073 R11: 0000000000000246 R12: 0000000000000013\n[  160.135673] R13: 0000000000000001 R14: 00007fd995bc8600 R15: 0000000000000013\n[  160.143671]\n[  160.145338] Allocated by task 2924:\n[  160.149242]  kasan_save_stack+0x19/0x40\n[  160.153541]  __kasan_kmalloc+0x7f/0xa0\n[  160.157743]  __kmalloc+0x1a2/0x2b0\n[  160.161552]  thermal_cooling_device_setup_sysfs+0xf9/0x1a0\n[  160.167687]  __thermal_cooling_device_register+0x1b5/0x500\n[  160.173833]  devm_thermal_of_cooling_device_register+0x60/0xa0\n[  160.180356]  mlxreg_fan_probe+0x474/0x5e0 [mlxreg_fan]\n[  160.248140]\n[  160.249807] The buggy address belongs to the object at ffff888116163400\n[  160.249807]  which belongs to the cache kmalloc-1k of size 1024\n[  160.263814] The buggy address is located 64 bytes to the right of\n[  160.263814]  1024-byte region [ffff888116163400, ffff888116163800)\n[  160.277536] The buggy address belongs to the page:\n[  160.282898] page:0000000012275840 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888116167000 pfn:0x116160\n[  160.294872] head:0000000012275840 order:3 compound_mapcount:0 compound_pincount:0\n[  160.303251] flags: 0x200000000010200(slab|head|node=0|zone=2)\n[  160.309694] raw: 0200000000010200 ffffea00046f7208 ffffea0004928208 ffff88810004dbc0\n[  160.318367] raw: ffff888116167000 00000000000a0006 00000001ffffffff 0000000000000000\n[  160.327033] page dumped because: kasan: bad access detected\n[  160.333270]\n[  160.334937] Memory state around the buggy address:\n[  160.356469] \u003effff888116163800: fc ..",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as a moderate severity because it can disrupt system operation by causing crashes or unpredictable behaviour under specific conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-47393"
        },
        {
          "category": "external",
          "summary": "RHBZ#2282345",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282345"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47393",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-47393"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47393",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47393"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2021-47393-ea1c@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024052147-CVE-2021-47393-ea1c@gregkh/T"
        }
      ],
      "release_date": "2024-05-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs"
    },
    {
      "cve": "CVE-2021-47559",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-05-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2283390"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Linux kernel\u0027s SMC implementation in the smc_vlan_by_tcpsk() function. A potential NULL pointer dereference occurred when handling lower network devices, leading to system crashes and resulting in denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-47559"
        },
        {
          "category": "external",
          "summary": "RHBZ#2283390",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283390"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-47559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-47559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47559"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024052450-CVE-2021-47559-9909@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024052450-CVE-2021-47559-9909@gregkh/T"
        }
      ],
      "release_date": "2024-05-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()"
    },
    {
      "cve": "CVE-2022-48773",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298109"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create\n\nIf there are failures then we must not leave the non-NULL pointers with\nthe error value, otherwise `rpcrdma_ep_destroy` gets confused and tries\nfree them, resulting in an Oops.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-48773"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298109",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298109"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48773",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48773",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48773"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071628-CVE-2022-48773-9563@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071628-CVE-2022-48773-9563@gregkh/T"
        }
      ],
      "release_date": "2024-07-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create"
    },
    {
      "cve": "CVE-2022-48786",
      "cwe": {
        "id": "CWE-371",
        "name": "CWE-371"
      },
      "discovery_date": "2024-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298122"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: remove vsock from connected table when connect is interrupted by a signal\n\nvsock_connect() expects that the socket could already be in the\nTCP_ESTABLISHED state when the connecting task wakes up with a signal\npending. If this happens the socket will be in the connected table, and\nit is not removed when the socket state is reset. In this situation it\u0027s\ncommon for the process to retry connect(), and if the connection is\nsuccessful the socket will be added to the connected table a second\ntime, corrupting the list.\n\nPrevent this by calling vsock_remove_connected() if a signal is received\nwhile waiting for a connection. This is harmless if the socket is not in\nthe connected table, and if it is in the table then removing it will\nprevent list corruption from a double add.\n\nNote for backporting: this patch requires d5afa82c977e (\"vsock: correct\nremoval of socket from the list\"), which is in all current stable trees\nexcept 4.9.y.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: vsock: remove vsock from connected table when connect is interrupted by a signal",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-48786"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298122",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298122"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-48786"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48786",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48786"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071637-CVE-2022-48786-7416@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071637-CVE-2022-48786-7416@gregkh/T"
        }
      ],
      "release_date": "2024-07-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: vsock: remove vsock from connected table when connect is interrupted by a signal"
    },
    {
      "cve": "CVE-2022-48799",
      "cwe": {
        "id": "CWE-99",
        "name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
      },
      "discovery_date": "2024-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298135"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix list corruption in perf_cgroup_switch()\n\nThere\u0027s list corruption on cgrp_cpuctx_list. This happens on the\nfollowing path:\n\n  perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list)\n      cpu_ctx_sched_in\n         ctx_sched_in\n            ctx_pinned_sched_in\n              merge_sched_in\n                  perf_cgroup_event_disable: remove the event from the list\n\nUse list_for_each_entry_safe() to allow removing an entry during\niteration.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: perf: Fix list corruption in perf_cgroup_switch()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-48799"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298135",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298135"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48799",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-48799"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48799",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48799"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071643-CVE-2022-48799-9594@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071643-CVE-2022-48799-9594@gregkh/T"
        }
      ],
      "release_date": "2024-07-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: perf: Fix list corruption in perf_cgroup_switch()"
    },
    {
      "cve": "CVE-2022-48816",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2298155"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: lock against -\u003esock changing during sysfs read\n\n-\u003esock can be set to NULL asynchronously unless -\u003erecv_mutex is held.\nSo it is important to hold that mutex.  Otherwise a sysfs read can\ntrigger an oops.\nCommit 17f09d3f619a (\"SUNRPC: Check if the xprt is connected before\nhandling sysfs reads\") appears to attempt to fix this problem, but it\nonly narrows the race window.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: SUNRPC: lock against -\u0026gt;sock changing during sysfs read",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-48816"
        },
        {
          "category": "external",
          "summary": "RHBZ#2298155",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298155"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48816",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-48816"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48816",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48816"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071648-CVE-2022-48816-e2a3@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071648-CVE-2022-48816-e2a3@gregkh/T"
        }
      ],
      "release_date": "2024-07-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: SUNRPC: lock against -\u0026gt;sock changing during sysfs read"
    },
    {
      "cve": "CVE-2023-52489",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2024-02-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269189"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. This may lead to compromised Availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-52489"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269189",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269189"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52489",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52489"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T",
          "url": "https://lore.kernel.org/linux-cve-announce/20240229155245.1571576-30-lee@kernel.org/T"
        }
      ],
      "release_date": "2024-02-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mm/sparsemem: fix race in accessing memory_section-\u003eusage"
    },
    {
      "cve": "CVE-2024-40984",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297568"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"\n\nUndo the modifications made in commit d410ee5109a1 (\"ACPICA: avoid\n\"Info: mapping multiple BARs. Your kernel is fine.\"\"). The initial\npurpose of this commit was to stop memory mappings for operation\nregions from overlapping page boundaries, as it can trigger warnings\nif different page attributes are present.\n\nHowever, it was found that when this situation arises, mapping\ncontinues until the boundary\u0027s end, but there is still an attempt to\nread/write the entire length of the map, leading to a NULL pointer\ndeference. For example, if a four-byte mapping request is made but\nonly one byte is mapped because it hits the current page boundary\u0027s\nend, a four-byte read/write attempt is still made, resulting in a NULL\npointer deference.\n\nInstead, map the entire length, as the ACPI specification does not\nmandate that it must be within the same page boundary. It is\npermissible for it to be mapped across different regions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34;",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-40984"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297568",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297568"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40984",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40984",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40984"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071201-CVE-2024-40984-66b2@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071201-CVE-2024-40984-66b2@gregkh/T"
        }
      ],
      "release_date": "2024-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ACPICA: Revert \u0026#34;ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\u0026#34;"
    },
    {
      "cve": "CVE-2024-40995",
      "cwe": {
        "id": "CWE-833",
        "name": "Deadlock"
      },
      "discovery_date": "2024-07-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2297579"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()\n\nsyzbot found hanging tasks waiting on rtnl_lock [1]\n\nA reproducer is available in the syzbot bug.\n\nWhen a request to add multiple actions with the same index is sent, the\nsecond request will block forever on the first request. This holds\nrtnl_lock, and causes tasks to hang.\n\nReturn -EAGAIN to prevent infinite looping, while keeping documented\nbehavior.\n\n[1]\n\nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.\nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000\nWorkqueue: events_power_efficient reg_check_chans_work\nCall Trace:\n\u003cTASK\u003e\ncontext_switch kernel/sched/core.c:5409 [inline]\n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746\n__schedule_loop kernel/sched/core.c:6823 [inline]\nschedule+0xe7/0x350 kernel/sched/core.c:6838\nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895\n__mutex_lock_common kernel/locking/mutex.c:684 [inline]\n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752\nwiphy_lock include/net/cfg80211.h:5953 [inline]\nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]\nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-40995"
        },
        {
          "category": "external",
          "summary": "RHBZ#2297579",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297579"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-40995",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-40995"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40995",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40995"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024071251-CVE-2024-40995-2a5c@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024071251-CVE-2024-40995-2a5c@gregkh/T"
        }
      ],
      "release_date": "2024-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()"
    },
    {
      "cve": "CVE-2024-41055",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2024-07-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2300429"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared.  The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference.  We need to check its value before\ndereferencing it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-41055"
        },
        {
          "category": "external",
          "summary": "RHBZ#2300429",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300429"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41055",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41055",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41055"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024072928-CVE-2024-41055-5764@gregkh/T"
        }
      ],
      "release_date": "2024-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mm: prevent derefencing NULL ptr in pfn_section_valid()"
    },
    {
      "cve": "CVE-2024-41071",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2024-07-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2300448"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds buffer overflow has been found in the Linux kernel\u2019s mac80211 subsystem when scanning for SSIDs. Address calculation using out-of-bounds array indexing could result in an attacker crafting an exploit, resulting in the complete compromise of a system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
          "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
          "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-41071"
        },
        {
          "category": "external",
          "summary": "RHBZ#2300448",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300448"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41071",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-41071"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41071",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41071"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2024072909-CVE-2024-41071-4eb6@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2024072909-CVE-2024-41071-4eb6@gregkh/T"
        }
      ],
      "release_date": "2024-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:6990"
        },
        {
          "category": "workaround",
          "details": "There are no mitigations for the flaw. Please update your system for fixes.",
          "product_ids": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.src",
            "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64",
            "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.117.1.rt21.189.el9_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing"
    }
  ]
}

cve-2022-48799

Vulnerability from cvelistv5

Published

2024-07-16 11:43

Modified

2024-09-11 17:34

Severity ?

Summary

perf: Fix list corruption in perf_cgroup_switch()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5d76ed4223403f90421782adb2f20a9ecbc93186
	https://git.kernel.org/stable/c/30d9f3cbe47e1018ddc8069ac5b5c9e66fbdf727
	https://git.kernel.org/stable/c/a2ed7b29d0673ba361546e2d87dbbed149456c45
	https://git.kernel.org/stable/c/f6b5d51976fcefef5732da3e3feb3ccff680f7c8
	https://git.kernel.org/stable/c/7969fe91c9830e045901970e9d755b7505881d4a
	https://git.kernel.org/stable/c/2142bc1469a316fddd10012d76428f7265258f81
	https://git.kernel.org/stable/c/5f4e5ce638e6a490b976ade4a40017b40abb2da0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:01.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5d76ed4223403f90421782adb2f20a9ecbc93186"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/30d9f3cbe47e1018ddc8069ac5b5c9e66fbdf727"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a2ed7b29d0673ba361546e2d87dbbed149456c45"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f6b5d51976fcefef5732da3e3feb3ccff680f7c8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7969fe91c9830e045901970e9d755b7505881d4a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2142bc1469a316fddd10012d76428f7265258f81"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f4e5ce638e6a490b976ade4a40017b40abb2da0"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48799",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:59:09.842596Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:14.602Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/events/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5d76ed422340",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            },
            {
              "lessThan": "30d9f3cbe47e",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            },
            {
              "lessThan": "a2ed7b29d067",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            },
            {
              "lessThan": "f6b5d51976fc",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            },
            {
              "lessThan": "7969fe91c983",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            },
            {
              "lessThan": "2142bc1469a3",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            },
            {
              "lessThan": "5f4e5ce638e6",
              "status": "affected",
              "version": "058fe1c0440e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/events/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "lessThan": "4.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.267",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.230",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.180",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.101",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.24",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.10",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix list corruption in perf_cgroup_switch()\n\nThere\u0027s list corruption on cgrp_cpuctx_list. This happens on the\nfollowing path:\n\n  perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list)\n      cpu_ctx_sched_in\n         ctx_sched_in\n            ctx_pinned_sched_in\n              merge_sched_in\n                  perf_cgroup_event_disable: remove the event from the list\n\nUse list_for_each_entry_safe() to allow removing an entry during\niteration."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-16T11:43:52.894Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5d76ed4223403f90421782adb2f20a9ecbc93186"
        },
        {
          "url": "https://git.kernel.org/stable/c/30d9f3cbe47e1018ddc8069ac5b5c9e66fbdf727"
        },
        {
          "url": "https://git.kernel.org/stable/c/a2ed7b29d0673ba361546e2d87dbbed149456c45"
        },
        {
          "url": "https://git.kernel.org/stable/c/f6b5d51976fcefef5732da3e3feb3ccff680f7c8"
        },
        {
          "url": "https://git.kernel.org/stable/c/7969fe91c9830e045901970e9d755b7505881d4a"
        },
        {
          "url": "https://git.kernel.org/stable/c/2142bc1469a316fddd10012d76428f7265258f81"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f4e5ce638e6a490b976ade4a40017b40abb2da0"
        }
      ],
      "title": "perf: Fix list corruption in perf_cgroup_switch()",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48799",
    "datePublished": "2024-07-16T11:43:52.894Z",
    "dateReserved": "2024-07-16T11:38:08.895Z",
    "dateUpdated": "2024-09-11T17:34:14.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-41071

Vulnerability from cvelistv5

Published

2024-07-29 14:57

Modified

2024-10-17 13:48

Severity ?

Summary

wifi: mac80211: Avoid address calculations via out of bounds array indexing

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a2bb0c5d0086be5ab5054465dfaa381a1144905c
	https://git.kernel.org/stable/c/26b177ecdd311f20de4c379f0630858a675dfc0c
	https://git.kernel.org/stable/c/4f43a614b1b84f0d1e3c48cc541c3bfdf414a6d0
	https://git.kernel.org/stable/c/2663d0462eb32ae7c9b035300ab6b1523886c718

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.334Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f43a614b1b84f0d1e3c48cc541c3bfdf414a6d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2663d0462eb32ae7c9b035300ab6b1523886c718"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41071",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:21:36.947348Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:00.801Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mac80211/scan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a2bb0c5d0086",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "26b177ecdd31",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4f43a614b1b8",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2663d0462eb3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/mac80211/scan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.113",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.57",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.11",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Avoid address calculations via out of bounds array indexing\n\nreq-\u003en_channels must be set before req-\u003echannels[] can be used.\n\nThis patch fixes one of the issues encountered in [1].\n\n[   83.964255] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:364:4\n[   83.964258] index 0 is out of range for type \u0027struct ieee80211_channel *[]\u0027\n[...]\n[   83.964264] Call Trace:\n[   83.964267]  \u003cTASK\u003e\n[   83.964269]  dump_stack_lvl+0x3f/0xc0\n[   83.964274]  __ubsan_handle_out_of_bounds+0xec/0x110\n[   83.964278]  ieee80211_prep_hw_scan+0x2db/0x4b0\n[   83.964281]  __ieee80211_start_scan+0x601/0x990\n[   83.964291]  nl80211_trigger_scan+0x874/0x980\n[   83.964295]  genl_family_rcv_msg_doit+0xe8/0x160\n[   83.964298]  genl_rcv_msg+0x240/0x270\n[...]\n\n[1] https://bugzilla.kernel.org/show_bug.cgi?id=218810"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-17T13:48:04.346Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a2bb0c5d0086be5ab5054465dfaa381a1144905c"
        },
        {
          "url": "https://git.kernel.org/stable/c/26b177ecdd311f20de4c379f0630858a675dfc0c"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f43a614b1b84f0d1e3c48cc541c3bfdf414a6d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/2663d0462eb32ae7c9b035300ab6b1523886c718"
        }
      ],
      "title": "wifi: mac80211: Avoid address calculations via out of bounds array indexing",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-41071",
    "datePublished": "2024-07-29T14:57:31.623Z",
    "dateReserved": "2024-07-12T12:17:45.631Z",
    "dateUpdated": "2024-10-17T13:48:04.346Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48773

Vulnerability from cvelistv5

Published

2024-07-16 11:13

Modified

2024-09-11 17:34

Severity ?

Summary

xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0
	https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de
	https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141
	https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:01.549Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48773",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:00:43.144730Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:17.912Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sunrpc/xprtrdma/verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1e7433fb95cc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9921c866dc36",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2526d4d8b209",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a9c10b5b3b67",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sunrpc/xprtrdma/verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.102",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.25",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.11",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create\n\nIf there are failures then we must not leave the non-NULL pointers with\nthe error value, otherwise `rpcrdma_ep_destroy` gets confused and tries\nfree them, resulting in an Oops."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-16T11:13:13.111Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1e7433fb95ccc01629a5edaa4ced0cd8c98d0ae0"
        },
        {
          "url": "https://git.kernel.org/stable/c/9921c866dc369577c3ebb9adf2383b01b58c18de"
        },
        {
          "url": "https://git.kernel.org/stable/c/2526d4d8b209dc5ac1fbeb468149774888b2a141"
        },
        {
          "url": "https://git.kernel.org/stable/c/a9c10b5b3b67b3750a10c8b089b2e05f5e176e33"
        }
      ],
      "title": "xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48773",
    "datePublished": "2024-07-16T11:13:13.111Z",
    "dateReserved": "2024-06-20T11:09:39.061Z",
    "dateUpdated": "2024-09-11T17:34:17.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-40984

Vulnerability from cvelistv5

Published

2024-07-12 12:33

Modified

2024-09-11 17:34

Severity ?

Summary

ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."

References

▼	URL	Tags
	https://git.kernel.org/stable/c/435ecc978c3d5d0c4e172ec5b956dc1904061d98
	https://git.kernel.org/stable/c/ae465109d82f4fb03c5adbe85f2d6a6a3d59124c
	https://git.kernel.org/stable/c/6eca23100e9030725f69c1babacd58803f29ec8d
	https://git.kernel.org/stable/c/dc5017c57f5eee80020c73ff8b67ba7f9fd08b1f
	https://git.kernel.org/stable/c/ddc1f5f124479360a1fd43f73be950781d172239
	https://git.kernel.org/stable/c/434c6b924e1f4c219aab2d9e05fe79c5364e37d3
	https://git.kernel.org/stable/c/e21a4c9129c72fa54dd00f5ebf71219b41d43c04
	https://git.kernel.org/stable/c/a83e1385b780d41307433ddbc86e3c528db031f0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:39:56.027Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/435ecc978c3d5d0c4e172ec5b956dc1904061d98"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ae465109d82f4fb03c5adbe85f2d6a6a3d59124c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6eca23100e9030725f69c1babacd58803f29ec8d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dc5017c57f5eee80020c73ff8b67ba7f9fd08b1f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ddc1f5f124479360a1fd43f73be950781d172239"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/434c6b924e1f4c219aab2d9e05fe79c5364e37d3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e21a4c9129c72fa54dd00f5ebf71219b41d43c04"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a83e1385b780d41307433ddbc86e3c528db031f0"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40984",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:02:10.333733Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:21.046Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/acpi/acpica/exregion.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "435ecc978c3d",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "ae465109d82f",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "6eca23100e90",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "dc5017c57f5e",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "ddc1f5f12447",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "434c6b924e1f",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "e21a4c9129c7",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            },
            {
              "lessThan": "a83e1385b780",
              "status": "affected",
              "version": "d410ee5109a1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/acpi/acpica/exregion.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.32"
            },
            {
              "lessThan": "2.6.32",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.317",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.279",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.96",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.36",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.7",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"\n\nUndo the modifications made in commit d410ee5109a1 (\"ACPICA: avoid\n\"Info: mapping multiple BARs. Your kernel is fine.\"\"). The initial\npurpose of this commit was to stop memory mappings for operation\nregions from overlapping page boundaries, as it can trigger warnings\nif different page attributes are present.\n\nHowever, it was found that when this situation arises, mapping\ncontinues until the boundary\u0027s end, but there is still an attempt to\nread/write the entire length of the map, leading to a NULL pointer\ndeference. For example, if a four-byte mapping request is made but\nonly one byte is mapped because it hits the current page boundary\u0027s\nend, a four-byte read/write attempt is still made, resulting in a NULL\npointer deference.\n\nInstead, map the entire length, as the ACPI specification does not\nmandate that it must be within the same page boundary. It is\npermissible for it to be mapped across different regions."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:52:47.700Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/435ecc978c3d5d0c4e172ec5b956dc1904061d98"
        },
        {
          "url": "https://git.kernel.org/stable/c/ae465109d82f4fb03c5adbe85f2d6a6a3d59124c"
        },
        {
          "url": "https://git.kernel.org/stable/c/6eca23100e9030725f69c1babacd58803f29ec8d"
        },
        {
          "url": "https://git.kernel.org/stable/c/dc5017c57f5eee80020c73ff8b67ba7f9fd08b1f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ddc1f5f124479360a1fd43f73be950781d172239"
        },
        {
          "url": "https://git.kernel.org/stable/c/434c6b924e1f4c219aab2d9e05fe79c5364e37d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/e21a4c9129c72fa54dd00f5ebf71219b41d43c04"
        },
        {
          "url": "https://git.kernel.org/stable/c/a83e1385b780d41307433ddbc86e3c528db031f0"
        }
      ],
      "title": "ACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-40984",
    "datePublished": "2024-07-12T12:33:57.947Z",
    "dateReserved": "2024-07-12T12:17:45.604Z",
    "dateUpdated": "2024-09-11T17:34:21.046Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47559

Vulnerability from cvelistv5

Published

2024-05-24 15:12

Modified

2024-08-04 05:39

Severity ?

Summary

net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff
	https://git.kernel.org/stable/c/bb851d0fb02547d03cd40106b5f2391c4fed6ed1
	https://git.kernel.org/stable/c/587acad41f1bc48e16f42bb2aca63bf323380be8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47559",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:14:31.432418Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:40.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.699Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bb851d0fb02547d03cd40106b5f2391c4fed6ed1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/587acad41f1bc48e16f42bb2aca63bf323380be8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c94cbd262b6a",
              "status": "affected",
              "version": "cb9d43f67754",
              "versionType": "git"
            },
            {
              "lessThan": "bb851d0fb025",
              "status": "affected",
              "version": "cb9d43f67754",
              "versionType": "git"
            },
            {
              "lessThan": "587acad41f1b",
              "status": "affected",
              "version": "cb9d43f67754",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "lessThan": "4.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.83",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.6",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()\n\nCoverity reports a possible NULL dereferencing problem:\n\nin smc_vlan_by_tcpsk():\n6. returned_null: netdev_lower_get_next returns NULL (checked 29 out of 30 times).\n7. var_assigned: Assigning: ndev = NULL return value from netdev_lower_get_next.\n1623                ndev = (struct net_device *)netdev_lower_get_next(ndev, \u0026lower);\nCID 1468509 (#1 of 1): Dereference null return value (NULL_RETURNS)\n8. dereference: Dereferencing a pointer that might be NULL ndev when calling is_vlan_dev.\n1624                if (is_vlan_dev(ndev)) {\n\nRemove the manual implementation and use netdev_walk_all_lower_dev() to\niterate over the lower devices. While on it remove an obsolete function\nparameter comment."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:10:04.954Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/bb851d0fb02547d03cd40106b5f2391c4fed6ed1"
        },
        {
          "url": "https://git.kernel.org/stable/c/587acad41f1bc48e16f42bb2aca63bf323380be8"
        }
      ],
      "title": "net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47559",
    "datePublished": "2024-05-24T15:12:48.675Z",
    "dateReserved": "2024-05-24T15:11:00.727Z",
    "dateUpdated": "2024-08-04T05:39:59.699Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47393

Vulnerability from cvelistv5

Published

2024-05-21 15:03

Modified

2024-08-04 05:39

Severity ?

Summary

hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5c6e0bce647d9cb32a17d58ffa669b3421fcc6ca
	https://git.kernel.org/stable/c/a6c42ae1530f94724d3c42cf91fe3d3c5e394f8a
	https://git.kernel.org/stable/c/76bbb482d33bfcd7e9070ecf594c9ec73e01c930
	https://git.kernel.org/stable/c/aa85fb7bde558bb2e364e85976b14b259c8b6fe8
	https://git.kernel.org/stable/c/e6fab7af6ba1bc77c78713a83876f60ca7a4a064

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47393",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T18:20:58.398559Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:55.155Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.728Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5c6e0bce647d9cb32a17d58ffa669b3421fcc6ca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a6c42ae1530f94724d3c42cf91fe3d3c5e394f8a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/76bbb482d33bfcd7e9070ecf594c9ec73e01c930"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa85fb7bde558bb2e364e85976b14b259c8b6fe8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e6fab7af6ba1bc77c78713a83876f60ca7a4a064"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hwmon/mlxreg-fan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5c6e0bce647d",
              "status": "affected",
              "version": "65afb4c8e7e4",
              "versionType": "git"
            },
            {
              "lessThan": "a6c42ae1530f",
              "status": "affected",
              "version": "65afb4c8e7e4",
              "versionType": "git"
            },
            {
              "lessThan": "76bbb482d33b",
              "status": "affected",
              "version": "65afb4c8e7e4",
              "versionType": "git"
            },
            {
              "lessThan": "aa85fb7bde55",
              "status": "affected",
              "version": "65afb4c8e7e4",
              "versionType": "git"
            },
            {
              "lessThan": "e6fab7af6ba1",
              "status": "affected",
              "version": "65afb4c8e7e4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hwmon/mlxreg-fan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.209",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.151",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.71",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.10",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs\n\nFan speed minimum can be enforced from sysfs. For example, setting\ncurrent fan speed to 20 is used to enforce fan speed to be at 100%\nspeed, 19 - to be not below 90% speed, etcetera. This feature provides\nability to limit fan speed according to some system wise\nconsiderations, like absence of some replaceable units or high system\nambient temperature.\n\nRequest for changing fan minimum speed is configuration request and can\nbe set only through \u0027sysfs\u0027 write procedure. In this situation value of\nargument \u0027state\u0027 is above nominal fan speed maximum.\n\nReturn non-zero code in this case to avoid\nthermal_cooling_device_stats_update() call, because in this case\nstatistics update violates thermal statistics table range.\nThe issues is observed in case kernel is configured with option\nCONFIG_THERMAL_STATISTICS.\n\nHere is the trace from KASAN:\n[  159.506659] BUG: KASAN: slab-out-of-bounds in thermal_cooling_device_stats_update+0x7d/0xb0\n[  159.516016] Read of size 4 at addr ffff888116163840 by task hw-management.s/7444\n[  159.545625] Call Trace:\n[  159.548366]  dump_stack+0x92/0xc1\n[  159.552084]  ? thermal_cooling_device_stats_update+0x7d/0xb0\n[  159.635869]  thermal_zone_device_update+0x345/0x780\n[  159.688711]  thermal_zone_device_set_mode+0x7d/0xc0\n[  159.694174]  mlxsw_thermal_modules_init+0x48f/0x590 [mlxsw_core]\n[  159.700972]  ? mlxsw_thermal_set_cur_state+0x5a0/0x5a0 [mlxsw_core]\n[  159.731827]  mlxsw_thermal_init+0x763/0x880 [mlxsw_core]\n[  160.070233] RIP: 0033:0x7fd995909970\n[  160.074239] Code: 73 01 c3 48 8b 0d 28 d5 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 99 2d 2c 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ..\n[  160.095242] RSP: 002b:00007fff54f5d938 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[  160.103722] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00007fd995909970\n[  160.111710] RDX: 0000000000000013 RSI: 0000000001906008 RDI: 0000000000000001\n[  160.119699] RBP: 0000000001906008 R08: 00007fd995bc9760 R09: 00007fd996210700\n[  160.127687] R10: 0000000000000073 R11: 0000000000000246 R12: 0000000000000013\n[  160.135673] R13: 0000000000000001 R14: 00007fd995bc8600 R15: 0000000000000013\n[  160.143671]\n[  160.145338] Allocated by task 2924:\n[  160.149242]  kasan_save_stack+0x19/0x40\n[  160.153541]  __kasan_kmalloc+0x7f/0xa0\n[  160.157743]  __kmalloc+0x1a2/0x2b0\n[  160.161552]  thermal_cooling_device_setup_sysfs+0xf9/0x1a0\n[  160.167687]  __thermal_cooling_device_register+0x1b5/0x500\n[  160.173833]  devm_thermal_of_cooling_device_register+0x60/0xa0\n[  160.180356]  mlxreg_fan_probe+0x474/0x5e0 [mlxreg_fan]\n[  160.248140]\n[  160.249807] The buggy address belongs to the object at ffff888116163400\n[  160.249807]  which belongs to the cache kmalloc-1k of size 1024\n[  160.263814] The buggy address is located 64 bytes to the right of\n[  160.263814]  1024-byte region [ffff888116163400, ffff888116163800)\n[  160.277536] The buggy address belongs to the page:\n[  160.282898] page:0000000012275840 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888116167000 pfn:0x116160\n[  160.294872] head:0000000012275840 order:3 compound_mapcount:0 compound_pincount:0\n[  160.303251] flags: 0x200000000010200(slab|head|node=0|zone=2)\n[  160.309694] raw: 0200000000010200 ffffea00046f7208 ffffea0004928208 ffff88810004dbc0\n[  160.318367] raw: ffff888116167000 00000000000a0006 00000001ffffffff 0000000000000000\n[  160.327033] page dumped because: kasan: bad access detected\n[  160.333270]\n[  160.334937] Memory state around the buggy address:\n[  160.356469] \u003effff888116163800: fc .."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:07:10.347Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5c6e0bce647d9cb32a17d58ffa669b3421fcc6ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/a6c42ae1530f94724d3c42cf91fe3d3c5e394f8a"
        },
        {
          "url": "https://git.kernel.org/stable/c/76bbb482d33bfcd7e9070ecf594c9ec73e01c930"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa85fb7bde558bb2e364e85976b14b259c8b6fe8"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6fab7af6ba1bc77c78713a83876f60ca7a4a064"
        }
      ],
      "title": "hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47393",
    "datePublished": "2024-05-21T15:03:50.844Z",
    "dateReserved": "2024-05-21T14:58:30.814Z",
    "dateUpdated": "2024-08-04T05:39:59.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-41055

Vulnerability from cvelistv5

Published

2024-07-29 14:32

Modified

2024-09-11 17:33

Severity ?

Summary

mm: prevent derefencing NULL ptr in pfn_section_valid()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982
	https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503
	https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509
	https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7
	https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63
	https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41055",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:22:28.194623Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:01.312Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/mmzone.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0100aeb8a12d",
              "status": "affected",
              "version": "90ad17575d26",
              "versionType": "git"
            },
            {
              "lessThan": "bc17f2377818",
              "status": "affected",
              "version": "b448de2459b6",
              "versionType": "git"
            },
            {
              "lessThan": "941e81618566",
              "status": "affected",
              "version": "68ed9e333240",
              "versionType": "git"
            },
            {
              "lessThan": "797323d1cf92",
              "status": "affected",
              "version": "70064241f222",
              "versionType": "git"
            },
            {
              "lessThan": "adccdf702b4e",
              "status": "affected",
              "version": "5ec8e8ea8b77",
              "versionType": "git"
            },
            {
              "lessThan": "82f0b6f041fa",
              "status": "affected",
              "version": "5ec8e8ea8b77",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/mmzone.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.8"
            },
            {
              "lessThan": "6.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.222",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.163",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.100",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.41",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.10",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared.  The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference.  We need to check its value before\ndereferencing it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-29T14:32:10.672Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0100aeb8a12d51950418e685f879cc80cb8e5982"
        },
        {
          "url": "https://git.kernel.org/stable/c/bc17f2377818dca643a74499c3f5333500c90503"
        },
        {
          "url": "https://git.kernel.org/stable/c/941e816185661bf2b44b488565d09444ae316509"
        },
        {
          "url": "https://git.kernel.org/stable/c/797323d1cf92d09b7a017cfec576d9babf99cde7"
        },
        {
          "url": "https://git.kernel.org/stable/c/adccdf702b4ea913ded5ff512239e382d7473b63"
        },
        {
          "url": "https://git.kernel.org/stable/c/82f0b6f041fad768c28b4ad05a683065412c226e"
        }
      ],
      "title": "mm: prevent derefencing NULL ptr in pfn_section_valid()",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-41055",
    "datePublished": "2024-07-29T14:32:10.672Z",
    "dateReserved": "2024-07-12T12:17:45.627Z",
    "dateUpdated": "2024-09-11T17:33:01.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48786

Vulnerability from cvelistv5

Published

2024-07-16 11:43

Modified

2024-09-11 17:34

Severity ?

Summary

vsock: remove vsock from connected table when connect is interrupted by a signal

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0bb88f3f7e8d506f3efe46d694964117e20efbfc
	https://git.kernel.org/stable/c/e3b3939fd137aab6d00d54bee0ee9244b286a608
	https://git.kernel.org/stable/c/2910bcb9f67551a45397735e47b6d456eb8cd549
	https://git.kernel.org/stable/c/5f326fe2aef411a6575628f92bd861463ea91df7
	https://git.kernel.org/stable/c/87cd1bbd6677411e17369cd4b7389ab1e1fdba44
	https://git.kernel.org/stable/c/787468ee7a435777521d33399d012fd591ae2f94
	https://git.kernel.org/stable/c/addd62a8cb6fa90aa322365c62487da61f6baab8
	https://git.kernel.org/stable/c/b9208492fcaecff8f43915529ae34b3bcb03877c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:01.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0bb88f3f7e8d506f3efe46d694964117e20efbfc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e3b3939fd137aab6d00d54bee0ee9244b286a608"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2910bcb9f67551a45397735e47b6d456eb8cd549"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f326fe2aef411a6575628f92bd861463ea91df7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/87cd1bbd6677411e17369cd4b7389ab1e1fdba44"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/787468ee7a435777521d33399d012fd591ae2f94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/addd62a8cb6fa90aa322365c62487da61f6baab8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b9208492fcaecff8f43915529ae34b3bcb03877c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48786",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:59:52.125930Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:16.278Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/af_vsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0bb88f3f7e8d",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "e3b3939fd137",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "2910bcb9f675",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "5f326fe2aef4",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "87cd1bbd6677",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "787468ee7a43",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "addd62a8cb6f",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            },
            {
              "lessThan": "b9208492fcae",
              "status": "affected",
              "version": "d021c344051a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/af_vsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.9"
            },
            {
              "lessThan": "3.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.303",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.268",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.231",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.181",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.102",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.25",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.11",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: remove vsock from connected table when connect is interrupted by a signal\n\nvsock_connect() expects that the socket could already be in the\nTCP_ESTABLISHED state when the connecting task wakes up with a signal\npending. If this happens the socket will be in the connected table, and\nit is not removed when the socket state is reset. In this situation it\u0027s\ncommon for the process to retry connect(), and if the connection is\nsuccessful the socket will be added to the connected table a second\ntime, corrupting the list.\n\nPrevent this by calling vsock_remove_connected() if a signal is received\nwhile waiting for a connection. This is harmless if the socket is not in\nthe connected table, and if it is in the table then removing it will\nprevent list corruption from a double add.\n\nNote for backporting: this patch requires d5afa82c977e (\"vsock: correct\nremoval of socket from the list\"), which is in all current stable trees\nexcept 4.9.y."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-16T11:43:43.677Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0bb88f3f7e8d506f3efe46d694964117e20efbfc"
        },
        {
          "url": "https://git.kernel.org/stable/c/e3b3939fd137aab6d00d54bee0ee9244b286a608"
        },
        {
          "url": "https://git.kernel.org/stable/c/2910bcb9f67551a45397735e47b6d456eb8cd549"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f326fe2aef411a6575628f92bd861463ea91df7"
        },
        {
          "url": "https://git.kernel.org/stable/c/87cd1bbd6677411e17369cd4b7389ab1e1fdba44"
        },
        {
          "url": "https://git.kernel.org/stable/c/787468ee7a435777521d33399d012fd591ae2f94"
        },
        {
          "url": "https://git.kernel.org/stable/c/addd62a8cb6fa90aa322365c62487da61f6baab8"
        },
        {
          "url": "https://git.kernel.org/stable/c/b9208492fcaecff8f43915529ae34b3bcb03877c"
        }
      ],
      "title": "vsock: remove vsock from connected table when connect is interrupted by a signal",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48786",
    "datePublished": "2024-07-16T11:43:43.677Z",
    "dateReserved": "2024-07-16T11:38:08.890Z",
    "dateUpdated": "2024-09-11T17:34:16.278Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-48816

Vulnerability from cvelistv5

Published

2024-07-16 11:44

Modified

2024-09-11 17:33

Severity ?

Summary

SUNRPC: lock against ->sock changing during sysfs read

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07
	https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:01.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48816",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:58:15.719556Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:00.382Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sunrpc/sysfs.c",
            "net/sunrpc/xprtsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9482ab4540f5",
              "status": "affected",
              "version": "a8482488a7d6",
              "versionType": "git"
            },
            {
              "lessThan": "b49ea673e119",
              "status": "affected",
              "version": "a8482488a7d6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sunrpc/sysfs.c",
            "net/sunrpc/xprtsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.10",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: lock against -\u003esock changing during sysfs read\n\n-\u003esock can be set to NULL asynchronously unless -\u003erecv_mutex is held.\nSo it is important to hold that mutex.  Otherwise a sysfs read can\ntrigger an oops.\nCommit 17f09d3f619a (\"SUNRPC: Check if the xprt is connected before\nhandling sysfs reads\") appears to attempt to fix this problem, but it\nonly narrows the race window."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-16T11:44:04.654Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9482ab4540f5bcc869b44c067ae99b5fca16bd07"
        },
        {
          "url": "https://git.kernel.org/stable/c/b49ea673e119f59c71645e2f65b3ccad857c90ee"
        }
      ],
      "title": "SUNRPC: lock against -\u003esock changing during sysfs read",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48816",
    "datePublished": "2024-07-16T11:44:04.654Z",
    "dateReserved": "2024-07-16T11:38:08.900Z",
    "dateUpdated": "2024-09-11T17:33:00.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52489

Vulnerability from cvelistv5

Published

2024-02-29 15:52

Modified

2024-08-02 23:03

Severity ?

Summary

mm/sparsemem: fix race in accessing memory_section->usage

References

▼	URL	Tags
	https://git.kernel.org/stable/c/90ad17575d26874287271127d43ef3c2af876cea
	https://git.kernel.org/stable/c/b448de2459b6d62a53892487ab18b7d823ff0529
	https://git.kernel.org/stable/c/68ed9e33324021e9d6b798e9db00ca3093d2012a
	https://git.kernel.org/stable/c/70064241f2229f7ba7b9599a98f68d9142e81a97
	https://git.kernel.org/stable/c/3a01daace71b521563c38bbbf874e14c3e58adb7
	https://git.kernel.org/stable/c/5ec8e8ea8b7783fab150cf86404fc38cb4db8800
	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52489",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-12T14:56:15.828991Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:46.560Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:20.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/90ad17575d26874287271127d43ef3c2af876cea"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b448de2459b6d62a53892487ab18b7d823ff0529"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/68ed9e33324021e9d6b798e9db00ca3093d2012a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/70064241f2229f7ba7b9599a98f68d9142e81a97"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a01daace71b521563c38bbbf874e14c3e58adb7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ec8e8ea8b7783fab150cf86404fc38cb4db8800"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/mmzone.h",
            "mm/sparse.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "90ad17575d26",
              "status": "affected",
              "version": "f46edbd1b151",
              "versionType": "git"
            },
            {
              "lessThan": "b448de2459b6",
              "status": "affected",
              "version": "f46edbd1b151",
              "versionType": "git"
            },
            {
              "lessThan": "68ed9e333240",
              "status": "affected",
              "version": "f46edbd1b151",
              "versionType": "git"
            },
            {
              "lessThan": "70064241f222",
              "status": "affected",
              "version": "f46edbd1b151",
              "versionType": "git"
            },
            {
              "lessThan": "3a01daace71b",
              "status": "affected",
              "version": "f46edbd1b151",
              "versionType": "git"
            },
            {
              "lessThan": "5ec8e8ea8b77",
              "status": "affected",
              "version": "f46edbd1b151",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/linux/mmzone.h",
            "mm/sparse.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.210",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.149",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.76",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.15",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.3",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/sparsemem: fix race in accessing memory_section-\u003eusage\n\nThe below race is observed on a PFN which falls into the device memory\nregion with the system memory configuration where PFN\u0027s are such that\n[ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL].  Since normal zone start and end\npfn contains the device memory PFN\u0027s as well, the compaction triggered\nwill try on the device memory PFN\u0027s too though they end up in NOP(because\npfn_to_online_page() returns NULL for ZONE_DEVICE memory sections).  When\nfrom other core, the section mappings are being removed for the\nZONE_DEVICE region, that the PFN in question belongs to, on which\ncompaction is currently being operated is resulting into the kernel crash\nwith CONFIG_SPASEMEM_VMEMAP enabled.  The crash logs can be seen at [1].\n\ncompact_zone()\t\t\tmemunmap_pages\n-------------\t\t\t---------------\n__pageblock_pfn_to_page\n   ......\n (a)pfn_valid():\n     valid_section()//return true\n\t\t\t      (b)__remove_pages()-\u003e\n\t\t\t\t  sparse_remove_section()-\u003e\n\t\t\t\t    section_deactivate():\n\t\t\t\t    [Free the array ms-\u003eusage and set\n\t\t\t\t     ms-\u003eusage = NULL]\n     pfn_section_valid()\n     [Access ms-\u003eusage which\n     is NULL]\n\nNOTE: From the above it can be said that the race is reduced to between\nthe pfn_valid()/pfn_section_valid() and the section deactivate with\nSPASEMEM_VMEMAP enabled.\n\nThe commit b943f045a9af(\"mm/sparse: fix kernel crash with\npfn_section_valid check\") tried to address the same problem by clearing\nthe SECTION_HAS_MEM_MAP with the expectation of valid_section() returns\nfalse thus ms-\u003eusage is not accessed.\n\nFix this issue by the below steps:\n\na) Clear SECTION_HAS_MEM_MAP before freeing the -\u003eusage.\n\nb) RCU protected read side critical section will either return NULL\n   when SECTION_HAS_MEM_MAP is cleared or can successfully access -\u003eusage.\n\nc) Free the -\u003eusage with kfree_rcu() and set ms-\u003eusage = NULL.  No\n   attempt will be made to access -\u003eusage after this as the\n   SECTION_HAS_MEM_MAP is cleared thus valid_section() return false.\n\nThanks to David/Pavan for their inputs on this patch.\n\n[1] https://lore.kernel.org/linux-mm/994410bb-89aa-d987-1f50-f514903c55aa@quicinc.com/\n\nOn Snapdragon SoC, with the mentioned memory configuration of PFN\u0027s as\n[ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL], we are able to see bunch of\nissues daily while testing on a device farm.\n\nFor this particular issue below is the log.  Though the below log is\nnot directly pointing to the pfn_section_valid(){ ms-\u003eusage;}, when we\nloaded this dump on T32 lauterbach tool, it is pointing.\n\n[  540.578056] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000000\n[  540.578068] Mem abort info:\n[  540.578070]   ESR = 0x0000000096000005\n[  540.578073]   EC = 0x25: DABT (current EL), IL = 32 bits\n[  540.578077]   SET = 0, FnV = 0\n[  540.578080]   EA = 0, S1PTW = 0\n[  540.578082]   FSC = 0x05: level 1 translation fault\n[  540.578085] Data abort info:\n[  540.578086]   ISV = 0, ISS = 0x00000005\n[  540.578088]   CM = 0, WnR = 0\n[  540.579431] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBSBTYPE=--)\n[  540.579436] pc : __pageblock_pfn_to_page+0x6c/0x14c\n[  540.579454] lr : compact_zone+0x994/0x1058\n[  540.579460] sp : ffffffc03579b510\n[  540.579463] x29: ffffffc03579b510 x28: 0000000000235800 x27:000000000000000c\n[  540.579470] x26: 0000000000235c00 x25: 0000000000000068 x24:ffffffc03579b640\n[  540.579477] x23: 0000000000000001 x22: ffffffc03579b660 x21:0000000000000000\n[  540.579483] x20: 0000000000235bff x19: ffffffdebf7e3940 x18:ffffffdebf66d140\n[  540.579489] x17: 00000000739ba063 x16: 00000000739ba063 x15:00000000009f4bff\n[  540.579495] x14: 0000008000000000 x13: 0000000000000000 x12:0000000000000001\n[  540.579501] x11: 0000000000000000 x10: 0000000000000000 x9 :ffffff897d2cd440\n[  540.579507] x8 : 0000000000000000 x7 : 0000000000000000 x6 :ffffffc03579b5b4\n[  540.579512] x5 : 0000000000027f25 x4 : ffffffc03579b5b8 x3 :0000000000000\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-28T19:50:25.623Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/90ad17575d26874287271127d43ef3c2af876cea"
        },
        {
          "url": "https://git.kernel.org/stable/c/b448de2459b6d62a53892487ab18b7d823ff0529"
        },
        {
          "url": "https://git.kernel.org/stable/c/68ed9e33324021e9d6b798e9db00ca3093d2012a"
        },
        {
          "url": "https://git.kernel.org/stable/c/70064241f2229f7ba7b9599a98f68d9142e81a97"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a01daace71b521563c38bbbf874e14c3e58adb7"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ec8e8ea8b7783fab150cf86404fc38cb4db8800"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
        }
      ],
      "title": "mm/sparsemem: fix race in accessing memory_section-\u003eusage",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52489",
    "datePublished": "2024-02-29T15:52:08.718Z",
    "dateReserved": "2024-02-20T12:30:33.302Z",
    "dateUpdated": "2024-08-02T23:03:20.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-40995

Vulnerability from cvelistv5

Published

2024-07-12 12:37

Modified

2024-09-11 17:34

Severity ?

Summary

net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74
	https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90
	https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da
	https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4
	https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2
	https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335
	https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:39:56.074Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40995",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:01:35.312165Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:19.797Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/act_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0d8a2d287c8a",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            },
            {
              "lessThan": "c6a7da65a296",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            },
            {
              "lessThan": "25987a97eec4",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            },
            {
              "lessThan": "6fc78d67f51a",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            },
            {
              "lessThan": "5f926aa96b08",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            },
            {
              "lessThan": "7a0e497b597d",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            },
            {
              "lessThan": "d864319871b0",
              "status": "affected",
              "version": "0190c1d452a9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/act_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.279",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.96",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.36",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.7",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()\n\nsyzbot found hanging tasks waiting on rtnl_lock [1]\n\nA reproducer is available in the syzbot bug.\n\nWhen a request to add multiple actions with the same index is sent, the\nsecond request will block forever on the first request. This holds\nrtnl_lock, and causes tasks to hang.\n\nReturn -EAGAIN to prevent infinite looping, while keeping documented\nbehavior.\n\n[1]\n\nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.\nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000\nWorkqueue: events_power_efficient reg_check_chans_work\nCall Trace:\n\u003cTASK\u003e\ncontext_switch kernel/sched/core.c:5409 [inline]\n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746\n__schedule_loop kernel/sched/core.c:6823 [inline]\nschedule+0xe7/0x350 kernel/sched/core.c:6838\nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895\n__mutex_lock_common kernel/locking/mutex.c:684 [inline]\n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752\nwiphy_lock include/net/cfg80211.h:5953 [inline]\nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]\nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:53:00.787Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74"
        },
        {
          "url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90"
        },
        {
          "url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da"
        },
        {
          "url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335"
        },
        {
          "url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6"
        }
      ],
      "title": "net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-40995",
    "datePublished": "2024-07-12T12:37:37.791Z",
    "dateReserved": "2024-07-12T12:17:45.607Z",
    "dateUpdated": "2024-09-11T17:34:19.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

Vulnerability from csaf_redhat

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags