rhsa-2024_7005
Vulnerability from csaf_redhat
Published
2024-09-24 00:40
Modified
2024-12-12 09:59
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (CVE-2024-36899)
* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)
* kernel: ice: Fix improper extts handling (CVE-2024-42139)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (CVE-2024-36899)\n\n* kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)\n\n* kernel: ice: Fix improper extts handling (CVE-2024-42139)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:7005", "url": "https://access.redhat.com/errata/RHSA-2024:7005" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2284549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284549" }, { "category": "external", "summary": "2300448", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300448" }, { "category": "external", "summary": "2301504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301504" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7005.json" } ], "title": "Red Hat Security Advisory: kernel-rt security update", "tracking": { "current_release_date": "2024-12-12T09:59:12+00:00", "generator": { "date": "2024-12-12T09:59:12+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:7005", "initial_release_date": "2024-09-24T00:40:56+00:00", "revision_history": [ { "date": "2024-09-24T00:40:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-09-24T00:40:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-12T09:59:12+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::realtime" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product": { "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "product": { "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "product_id": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.85.1.rt14.370.el9_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.85.1.rt14.370.el9_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src" }, "product_reference": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v.9.2)", "product_id": "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "NFV-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src" }, "product_reference": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v.9.2)", "product_id": "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "relates_to_product_reference": "RT-9.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-36899", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2024-05-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2284549" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-36899" }, { "category": "external", "summary": "RHBZ#2284549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284549" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-36899", "url": "https://www.cve.org/CVERecord?id=CVE-2024-36899" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-36899", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36899" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024053035-CVE-2024-36899-bfb1@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024053035-CVE-2024-36899-bfb1@gregkh/T" } ], "release_date": "2024-05-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-24T00:40:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7005" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: gpiolib: cdev: Fix use after free in lineinfo_changed_notify" }, { "cve": "CVE-2024-41071", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2024-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2300448" } ], "notes": [ { "category": "description", "text": "An out-of-bounds buffer overflow has been found in the Linux kernel\u2019s mac80211 subsystem when scanning for SSIDs. Address calculation using out-of-bounds array indexing could result in an attacker crafting an exploit, resulting in the complete compromise of a system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41071" }, { "category": "external", "summary": "RHBZ#2300448", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300448" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41071", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41071" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41071", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41071" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024072909-CVE-2024-41071-4eb6@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024072909-CVE-2024-41071-4eb6@gregkh/T" } ], "release_date": "2024-07-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-24T00:40:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7005" }, { "category": "workaround", "details": "There are no mitigations for the flaw. Please update your system for fixes.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing" }, { "cve": "CVE-2024-42139", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-07-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2301504" } ], "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix improper extts handling\n\nExtts events are disabled and enabled by the application ts2phc.\nHowever, in case where the driver is removed when the application is\nrunning, a specific extts event remains enabled and can cause a kernel\ncrash.\nAs a side effect, when the driver is reloaded and application is started\nagain, remaining extts event for the channel from a previous run will\nkeep firing and the message \"extts on unexpected channel\" might be\nprinted to the user.\n\nTo avoid that, extts events shall be disabled when PTP is released.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ice: Fix improper extts handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-42139" }, { "category": "external", "summary": "RHBZ#2301504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301504" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-42139", "url": "https://www.cve.org/CVERecord?id=CVE-2024-42139" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42139", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42139" }, { "category": "external", "summary": "https://lore.kernel.org/linux-cve-announce/2024073030-CVE-2024-42139-f8ef@gregkh/T", "url": "https://lore.kernel.org/linux-cve-announce/2024073030-CVE-2024-42139-f8ef@gregkh/T" } ], "release_date": "2024-07-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-24T00:40:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7005" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "NFV-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "NFV-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.src", "RT-9.2.0.Z.EUS:kernel-rt-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-devel-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-kvm-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-core-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64", "RT-9.2.0.Z.EUS:kernel-rt-modules-extra-0:5.14.0-284.85.1.rt14.370.el9_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ice: Fix improper extts handling" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.