RHSA-2023_2736
Vulnerability from csaf_redhat - Published: 2023-05-16 08:43 - Updated: 2024-11-15 17:16Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)
* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)
* when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)
* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
* use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)
* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)
* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)
* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)
* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
* memory leak in ipv6_renew_options() (CVE-2022-3524)
* data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
* data races around sk->sk_prot (CVE-2022-3567)
* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)
* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)
* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)
* Executable Space Protection Bypass (CVE-2022-25265)
* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)
* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)
* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)
* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)
* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
* Denial of service in beacon protection for P2P-device (CVE-2022-42722)
* memory corruption in usbmon driver (CVE-2022-43750)
* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)
* Soft lockup occurred during __page_mapcount (CVE-2023-1582)
* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches.
4.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system.
6.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
An out-of-bounds write flaw was found in the Linux kernel’s console driver functionality in the way a user triggers the ioctl PIO_FONT with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- 1) Add 1 flower filter for VLAN Priority based frame steering:- $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev $IFDEVNAME root mqprio num_tc 8 \ map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0 \ queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0 $ tc filter add dev $IFDEVNAME parent ffff: protocol 802.1Q \ flower vlan_prio 0 hw_tc 0 2) Get the 'pref' id $ tc filter show dev $IFDEVNAME ingress 3) Delete a specific tc flower record (say pref 49151) $ tc filter del dev $IFDEVNAME parent ffff: pref 49151 From dmesg, we will observe kernel NULL pointer ooops [ 197.170464] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 197.171367] #PF: supervisor read access in kernel mode [ 197.171367] #PF: error_code(0x0000) - not-present page [ 197.171367] PGD 0 P4D 0 [ 197.171367] Oops: 0000 [#1] PREEMPT SMP NOPTI <snip> [ 197.171367] RIP: 0010:tc_setup_cls+0x20b/0x4a0 [stmmac] <snip> [ 197.171367] Call Trace: [ 197.171367] <TASK> [ 197.171367] ? __stmmac_disable_all_queues+0xa8/0xe0 [stmmac] [ 197.171367] stmmac_setup_tc_block_cb+0x70/0x110 [stmmac] [ 197.171367] tc_setup_cb_destroy+0xb3/0x180 [ 197.171367] fl_hw_destroy_filter+0x94/0xc0 [cls_flower] The above issue is due to previous incorrect implementation of tc_del_vlan_flow(), shown below, that uses flow_cls_offload_flow_rule() to get struct flow_rule *rule which is no longer valid for tc filter delete operation. struct flow_rule *rule = flow_cls_offload_flow_rule(cls); struct flow_dissector *dissector = rule->match.dissector; So, to ensure tc_del_vlan_flow() deletes the right VLAN cls record for earlier configured RX queue (configured by hw_tc) in tc_add_vlan_flow(), this patch introduces stmmac_rfs_entry as driver-side flow_cls_offload record for 'RX frame steering' tc flower, currently used for VLAN priority. The implementation has taken consideration for future extension to include other type RX frame steering such as EtherType based. v2: - Clean up overly extensive backtrace and rewrite git message to better explain the kernel NULL pointer issue.
4.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.
6.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent the module ath9k from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the KVM's Intel nested virtualization feature (nVMX). Since L1 and L2 shared branch prediction modes (guest-user and guest-kernel), KVM did not protect indirect branches in L1 from steering by a malicious agent in L2. This could allow a malicious nested guest to carry out Spectre v2 attacks against L1 due to a missing IBPB at VM-exit time.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
This vulnerability can be mitigated by disabling the nested virtualization feature:
```
# modprobe -r kvm_intel
# modprobe kvm_intel nested=0
```
A flaw was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and it incorrectly matches on the message. An attacker could exploit this vulnerability to bypass firewall when users are using unencrypted IRC with nf_conntrack_irc configured.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent the module nf_conntrack_irc from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.
6.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A use-after-free flaw was found in the Linux kernel’s video4linux driver in how a user triggers the em28xx_usb_probe() for the Empia 28xx-based TV cards. This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent module em28xx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A vulnerability was found in hugetlb_no_page in the mm/hugetlb.c file in the Linux Kernel, where a manipulation leads to a race condition. This flaw may allow a local attacker to cause a denial of service and can lead to a kernel information leak issue.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6_ADDRFORM and IPV6_DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6_ADDRFORM type and other processes with the IPV6_DSTOPTS type. This issue is unlikely to happen unless a local process triggers IPV6_ADDRFORM.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.
7.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at https://access.redhat.com/solutions/2682931.
Alternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.
A vulnerability was found in the tcp subsystem in the Linux Kernel, due to a data race around icsk->icsk_af_ops. This issue could allow an attacker to leak internal kernel information.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A data race problem was found in sk->sk_prot in the network subsystem in ipv6 in the Linux kernel. This issue occurs while some functions access critical data, leading to a denial of service.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A memory leak flaw was found in the Linux kernel’s L2CAP bluetooth functionality. This issue occurs when a user generates malicious packets, triggering the l2cap_recv_acldata function. This flaw allows a local or bluetooth connection user to potentially crash the system.
4.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/268293.
Alternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.
A vulnerability was found in follow_page_pte in mm/gup.c in the Linux Kernel. This issue occurs due to a race problem which can poison the page table entry and cause a denial-of-service.
5.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or execute arbitrary code.
7.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent the brcmfmac module from being loaded. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.
5.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
An incorrect access control flaw was found in the Linux kernel USB core subsystem. When attaching a malicious usb device, the recursive locking violation in usb-storage can cause the kernel to deadlock. This issue could allow a local user to crash the system.
4.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A use-after-free flaw was found in the Linux kernel’s IGMP protocol in how a user triggers a race condition in the ip_check_mc_rcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file.
7.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag, possibly disabling seccomp.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
If ptrace is not required, ptrace can be disabled in multiple ways.
1. SELinux policy.
# setsebool -P deny_ptrace on
2. Kernel sysctl.
# sysctl -w kernel.yama.ptrace_scope=3
Or to make persistent , create
/etc/sysctl.d/99-yama-ptrace_scope.conf
kernel.yama.ptrace_scope=3
If you need further assistance, see the KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the refcount to drop twice, leading to a possible crash and a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in include/asm-generic/tlb.h in the Linux kernel due to a race condition (unmap_mapping_range versus munmap). This issue allows a device driver to free a page while it still has stale TLB entries.
4.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the x86 KVM subsystem in kvm_steal_time_set_preempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A use-after-free flaw was found in the Linux kernel’s dvb-core subsystem (DVB API used by Digital TV devices) in how a user physically removed a USB device (such as a DVB demultiplexer device) while running malicious code. This flaw allows a local user to crash or potentially escalate their privileges on the system.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent the module dvb-core from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel’s wifi subcomponent. This flaw allows an attacker to crash the system or leak internal kernel information.
7.3 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the is_mergeable_anon_vma() function continuously forks, using memory operations to trigger an incorrect reuse of leaf anon_vma. This issue allows a local attacker to crash the system.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A use-after-free flaw was found in bss_ref_get in the net/wireless/scan.c in the Linux kernel. This issue can lead to a denial of service or arbitrary code execution.
7.3 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria, comprised of ease of use and deployment, applicability to widespread installation base, and stability.
A list corruption flaw was found in cfg80211_add_nontrans_list in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in P2P-Device in wifi in ieee80211_rx_h_decrypt in net/mac80211/rx.c in the Linux kernel, leading to a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent module mac80211 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
An out-of-bounds memory write flaw in the Linux kernel’s USB Monitor component was found in how a user with access to the /dev/usbmon can trigger it by an incorrect write to the memory of the usbmon. This flaw allows a local user to crash or potentially escalate their privileges on the system.
6.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A NULL pointer dereference flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the alloc_workqueue function return is not validated in time of failure, resulting in a system crash or leaked internal kernel information.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:
```
# echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf
# sysctl -p /etc/sysctl.d/userns.conf
```
A user after-free vulnerability was found in the Linux kernel in the refcount_t variable when performing the controller reset. This issue could lead to denial of service of the system.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.
7.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A NULL pointer dereference flaw was found in the Linux kernel’s netfilter subsystem. The issue could occur due to an error in nf_tables_updtable while freeing a transaction object not placed on the list head. This flaw allows a local, unprivileged user to crash the system, resulting in a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
This flaw can be mitigated by preventing the affected netfilter kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.
4.7 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
This flaw can be mitigated by disabling THP on the system.
~~~
How to disable THP ?
https://access.redhat.com/solutions/1320153
~~~
A NULL pointer dereference issue was found in the SCTP network protocol in net/sctp/stream_sched.c in the Linux kernel. If stream_in allocation fails, stream_out is freed, which would be accessed further. This flaw allows a local user to crash the system or potentially cause a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2736
Workaround
The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:
```
# echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf
# sysctl -p /etc/sysctl.d/userns.conf
```
It is also possible to prevent the affected code from being loaded by blacklisting the `cbq` kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
References
Acknowledgments
AMD
Tencent Security Yunding Lab
elijahbai
Harbin Institute of Technology
Qiuhao Li
Zhejiang University
Yongkang Jia
Gaoning Pan
Dongliang Mu
Kyle Zeng
DEVCORE Internship Program, and NYCU Software Security LAB
Pumpkin (@u1f383)
Wei Chen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)\n\n* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)\n\n* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)\n\n* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)\n\n* when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds (CVE-2021-33656)\n\n* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)\n\n* use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)\n\n* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)\n\n* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)\n\n* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)\n\n* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)\n\n* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)\n\n* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)\n\n* memory leak in ipv6_renew_options() (CVE-2022-3524)\n\n* data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)\n\n* data races around sk-\u003esk_prot (CVE-2022-3567)\n\n* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)\n\n* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)\n\n* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)\n\n* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)\n\n* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)\n\n* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)\n\n* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)\n\n* Executable Space Protection Bypass (CVE-2022-25265)\n\n* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)\n\n* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)\n\n* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)\n\n* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)\n\n* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)\n\n* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)\n\n* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)\n\n* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)\n\n* Denial of service in beacon protection for P2P-device (CVE-2022-42722)\n\n* memory corruption in usbmon driver (CVE-2022-43750)\n\n* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)\n\n* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)\n\n* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)\n\n* Soft lockup occurred during __page_mapcount (CVE-2023-1582)\n\n* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2736",
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index"
},
{
"category": "external",
"summary": "2055499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055499"
},
{
"category": "external",
"summary": "2061703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061703"
},
{
"category": "external",
"summary": "2078466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078466"
},
{
"category": "external",
"summary": "2084125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084125"
},
{
"category": "external",
"summary": "2085300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085300"
},
{
"category": "external",
"summary": "2090723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090723"
},
{
"category": "external",
"summary": "2108691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108691"
},
{
"category": "external",
"summary": "2108696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108696"
},
{
"category": "external",
"summary": "2114937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114937"
},
{
"category": "external",
"summary": "2122228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122228"
},
{
"category": "external",
"summary": "2122960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122960"
},
{
"category": "external",
"summary": "2123056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2123056"
},
{
"category": "external",
"summary": "2124788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124788"
},
{
"category": "external",
"summary": "2127985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127985"
},
{
"category": "external",
"summary": "2130141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130141"
},
{
"category": "external",
"summary": "2133483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133483"
},
{
"category": "external",
"summary": "2134377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134377"
},
{
"category": "external",
"summary": "2134451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134451"
},
{
"category": "external",
"summary": "2134506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134506"
},
{
"category": "external",
"summary": "2134517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134517"
},
{
"category": "external",
"summary": "2134528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134528"
},
{
"category": "external",
"summary": "2137979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137979"
},
{
"category": "external",
"summary": "2143893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143893"
},
{
"category": "external",
"summary": "2143943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143943"
},
{
"category": "external",
"summary": "2144720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144720"
},
{
"category": "external",
"summary": "2150947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150947"
},
{
"category": "external",
"summary": "2150960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150960"
},
{
"category": "external",
"summary": "2150979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150979"
},
{
"category": "external",
"summary": "2150999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150999"
},
{
"category": "external",
"summary": "2151270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151270"
},
{
"category": "external",
"summary": "2154171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154171"
},
{
"category": "external",
"summary": "2154235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154235"
},
{
"category": "external",
"summary": "2160023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160023"
},
{
"category": "external",
"summary": "2162120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162120"
},
{
"category": "external",
"summary": "2165721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165721"
},
{
"category": "external",
"summary": "2168246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168246"
},
{
"category": "external",
"summary": "2168297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168297"
},
{
"category": "external",
"summary": "2176192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176192"
},
{
"category": "external",
"summary": "2180936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180936"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2736.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-11-15T17:16:44+00:00",
"generator": {
"date": "2024-11-15T17:16:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:2736",
"initial_release_date": "2023-05-16T08:43:55+00:00",
"revision_history": [
{
"date": "2023-05-16T08:43:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-16T08:43:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T17:16:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"product": {
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"product_id": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-477.10.1.rt7.274.el8_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-477.10.1.rt7.274.el8_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src"
},
"product_reference": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "NFV-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src"
},
"product_reference": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"relates_to_product_reference": "RT-8.8.0.GA"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"AMD"
]
}
],
"cve": "CVE-2021-26341",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2022-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061703"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26341"
},
{
"category": "external",
"summary": "RHBZ#2061703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26341"
},
{
"category": "external",
"summary": "https://grsecurity.net/amd_branch_mispredictor_part_2_where_no_cpu_has_gone_before",
"url": "https://grsecurity.net/amd_branch_mispredictor_part_2_where_no_cpu_has_gone_before"
},
{
"category": "external",
"summary": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026"
},
{
"category": "external",
"summary": "https://www.amd.com/system/files/documents/software-techniques-for-managing-speculation.pdf",
"url": "https://www.amd.com/system/files/documents/software-techniques-for-managing-speculation.pdf"
}
],
"release_date": "2022-03-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch"
},
{
"cve": "CVE-2021-33655",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-07-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108691"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel\u2019s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33655"
},
{
"category": "external",
"summary": "RHBZ#2108691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108691"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33655",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33655"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=086ff84617185393a0bbf25830c4f36412a7d3f4",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=086ff84617185393a0bbf25830c4f36412a7d3f4"
}
],
"release_date": "2022-07-08T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory"
},
{
"cve": "CVE-2021-33656",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-07-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108696"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel\u2019s console driver functionality in the way a user triggers the ioctl PIO_FONT with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as a having Moderate impact, because only local user with the access to the VGA device can trigger it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33656"
},
{
"category": "external",
"summary": "RHBZ#2108696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108696"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33656",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33656"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch"
}
],
"release_date": "2021-01-05T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds"
},
{
"cve": "CVE-2021-47592",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293235"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix tc flower deletion for VLAN priority Rx steering\n\nTo replicate the issue:-\n\n1) Add 1 flower filter for VLAN Priority based frame steering:-\n$ IFDEVNAME=eth0\n$ tc qdisc add dev $IFDEVNAME ingress\n$ tc qdisc add dev $IFDEVNAME root mqprio num_tc 8 \\\n map 0 1 2 3 4 5 6 7 0 0 0 0 0 0 0 0 \\\n queues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0\n$ tc filter add dev $IFDEVNAME parent ffff: protocol 802.1Q \\\n flower vlan_prio 0 hw_tc 0\n\n2) Get the \u0027pref\u0027 id\n$ tc filter show dev $IFDEVNAME ingress\n\n3) Delete a specific tc flower record (say pref 49151)\n$ tc filter del dev $IFDEVNAME parent ffff: pref 49151\n\nFrom dmesg, we will observe kernel NULL pointer ooops\n\n[ 197.170464] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 197.171367] #PF: supervisor read access in kernel mode\n[ 197.171367] #PF: error_code(0x0000) - not-present page\n[ 197.171367] PGD 0 P4D 0\n[ 197.171367] Oops: 0000 [#1] PREEMPT SMP NOPTI\n\n\u003csnip\u003e\n\n[ 197.171367] RIP: 0010:tc_setup_cls+0x20b/0x4a0 [stmmac]\n\n\u003csnip\u003e\n\n[ 197.171367] Call Trace:\n[ 197.171367] \u003cTASK\u003e\n[ 197.171367] ? __stmmac_disable_all_queues+0xa8/0xe0 [stmmac]\n[ 197.171367] stmmac_setup_tc_block_cb+0x70/0x110 [stmmac]\n[ 197.171367] tc_setup_cb_destroy+0xb3/0x180\n[ 197.171367] fl_hw_destroy_filter+0x94/0xc0 [cls_flower]\n\nThe above issue is due to previous incorrect implementation of\ntc_del_vlan_flow(), shown below, that uses flow_cls_offload_flow_rule()\nto get struct flow_rule *rule which is no longer valid for tc filter\ndelete operation.\n\n struct flow_rule *rule = flow_cls_offload_flow_rule(cls);\n struct flow_dissector *dissector = rule-\u003ematch.dissector;\n\nSo, to ensure tc_del_vlan_flow() deletes the right VLAN cls record for\nearlier configured RX queue (configured by hw_tc) in tc_add_vlan_flow(),\nthis patch introduces stmmac_rfs_entry as driver-side flow_cls_offload\nrecord for \u0027RX frame steering\u0027 tc flower, currently used for VLAN\npriority. The implementation has taken consideration for future extension\nto include other type RX frame steering such as EtherType based.\n\nv2:\n - Clean up overly extensive backtrace and rewrite git message to better\n explain the kernel NULL pointer issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: stmmac: fix tc flower deletion for VLAN priority Rx steering",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47592"
},
{
"category": "external",
"summary": "RHBZ#2293235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47592",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47592"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47592",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47592"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47592-7ca6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024061919-CVE-2021-47592-7ca6@gregkh/T"
}
],
"release_date": "2024-06-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: stmmac: fix tc flower deletion for VLAN priority Rx steering"
},
{
"cve": "CVE-2022-1462",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"discovery_date": "2022-04-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2078466"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in the Linux kernel\u2019s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible race condition in drivers/tty/tty_buffers.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1462"
},
{
"category": "external",
"summary": "RHBZ#2078466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078466"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1462"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q2/155",
"url": "https://seclists.org/oss-sec/2022/q2/155"
}
],
"release_date": "2022-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible race condition in drivers/tty/tty_buffers.c"
},
{
"acknowledgments": [
{
"names": [
"elijahbai"
],
"organization": "Tencent Security Yunding Lab"
}
],
"cve": "CVE-2022-1679",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-05-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2084125"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Keeping this issue Moderate, because the impact is limited: likely only possibility of memory leak and crash, but not privileges escalation and both kind of race condition that is hard to trigger.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1679"
},
{
"category": "external",
"summary": "RHBZ#2084125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084125"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1679"
},
{
"category": "external",
"summary": "https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/",
"url": "https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/"
}
],
"release_date": "2022-02-07T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module ath9k from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges"
},
{
"acknowledgments": [
{
"names": [
"Qiuhao Li"
],
"organization": "Harbin Institute of Technology"
},
{
"names": [
"Yongkang Jia",
"Gaoning Pan"
],
"organization": "Zhejiang University"
}
],
"cve": "CVE-2022-1789",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2090723"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 did not provide support for INVPCID in shadow paging mode and therefore are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1789"
},
{
"category": "external",
"summary": "RHBZ#2090723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1789"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-v8pq-23qj-q7x7",
"url": "https://github.com/advisories/GHSA-v8pq-23qj-q7x7"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/05/25/2",
"url": "https://www.openwall.com/lists/oss-security/2022/05/25/2"
}
],
"release_date": "2022-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva"
},
{
"cve": "CVE-2022-2196",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2023-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160023"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KVM\u0027s Intel nested virtualization feature (nVMX). Since L1 and L2 shared branch prediction modes (guest-user and guest-kernel), KVM did not protect indirect branches in L1 from steering by a malicious agent in L2. This could allow a malicious nested guest to carry out Spectre v2 attacks against L1 due to a missing IBPB at VM-exit time.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat currently provides the nested virtualization feature as a Technology Preview. Nested virtualization is therefore unsupported for production use. For more information please refer to https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2196"
},
{
"category": "external",
"summary": "RHBZ#2160023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160023"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2196"
}
],
"release_date": "2022-09-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "This vulnerability can be mitigated by disabling the nested virtualization feature:\n```\n# modprobe -r kvm_intel\n# modprobe kvm_intel nested=0\n```",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks"
},
{
"cve": "CVE-2022-2663",
"cwe": {
"id": "CWE-923",
"name": "Improper Restriction of Communication Channel to Intended Endpoints"
},
"discovery_date": "2022-08-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2123056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and it incorrectly matches on the message. An attacker could exploit this vulnerability to bypass firewall when users are using unencrypted IRC with nf_conntrack_irc configured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: nf_conntrack_irc message handling issue",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2663"
},
{
"category": "external",
"summary": "RHBZ#2123056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2123056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2663"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netfilter-devel/20220826045658.100360-1-dgl@dgl.cx/T/",
"url": "https://lore.kernel.org/netfilter-devel/20220826045658.100360-1-dgl@dgl.cx/T/"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module nf_conntrack_irc from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: nf_conntrack_irc message handling issue"
},
{
"cve": "CVE-2022-3028",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-08-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2122228"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition in xfrm_probe_algs can lead to OOB read/write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having a Moderate impact because it can only be triggered by a privileged local user (with CAP_NET_ADMIN or root).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3028"
},
{
"category": "external",
"summary": "RHBZ#2122228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3028",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3028"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5",
"url": "https://github.com/torvalds/linux/commit/ba953a9d89a00c078b85f4b190bc1dde66fe16b5"
}
],
"release_date": "2022-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition in xfrm_probe_algs can lead to OOB read/write"
},
{
"acknowledgments": [
{
"names": [
"Dongliang Mu"
]
}
],
"cve": "CVE-2022-3239",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127985"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s video4linux driver in how a user triggers the em28xx_usb_probe() for the Empia 28xx-based TV cards. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: media: em28xx: initialize refcount before kref_get",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3239"
},
{
"category": "external",
"summary": "RHBZ#2127985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127985"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3239",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3239"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c08eadca1bdfa099e20a32f8fa4b52b2f672236d",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c08eadca1bdfa099e20a32f8fa4b52b2f672236d"
}
],
"release_date": "2022-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module em28xx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: media: em28xx: initialize refcount before kref_get"
},
{
"cve": "CVE-2022-3522",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2022-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150979"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in hugetlb_no_page in the mm/hugetlb.c file in the Linux Kernel, where a manipulation leads to a race condition. This flaw may allow a local attacker to cause a denial of service and can lead to a kernel information leak issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition in hugetlb_no_page() in mm/hugetlb.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3522"
},
{
"category": "external",
"summary": "RHBZ#2150979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150979"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3522"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20221004193400.110155-3-peterx@redhat.com/T/#u",
"url": "https://lore.kernel.org/all/20221004193400.110155-3-peterx@redhat.com/T/#u"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition in hugetlb_no_page() in mm/hugetlb.c"
},
{
"cve": "CVE-2022-3524",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2022-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150947"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u2019s IPv6 functionality in how a user triggers the setsockopt of the IPV6_ADDRFORM and IPV6_DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6_ADDRFORM type and other processes with the IPV6_DSTOPTS type. This issue is unlikely to happen unless a local process triggers IPV6_ADDRFORM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in ipv6_renew_options()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3524"
},
{
"category": "external",
"summary": "RHBZ#2150947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3524",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3524"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in ipv6_renew_options()"
},
{
"cve": "CVE-2022-3564",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150999"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated between Moderate and Important (similar to the CVE-2022-45934) because of no known attack, and the attack would be complex. Anyway, consider this CVE-2022-3564 as Important because the use-after-free can potentially lead to privilege escalation or a potential remote system crash (and currently, a read after-free that in most cases would not lead to a remote system crash).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3564"
},
{
"category": "external",
"summary": "RHBZ#2150999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150999"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3564"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=89f9f3cb86b1c63badaf392a83dd661d56cc50b1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=89f9f3cb86b1c63badaf392a83dd661d56cc50b1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c"
},
{
"cve": "CVE-2022-3566",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"discovery_date": "2022-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143893"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the tcp subsystem in the Linux Kernel, due to a data race around icsk-\u003eicsk_af_ops. This issue could allow an attacker to leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3566"
},
{
"category": "external",
"summary": "RHBZ#2143893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3566"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57"
}
],
"release_date": "2022-10-06T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt"
},
{
"cve": "CVE-2022-3567",
"cwe": {
"id": "CWE-421",
"name": "Race Condition During Access to Alternate Channel"
},
"discovery_date": "2022-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143943"
}
],
"notes": [
{
"category": "description",
"text": "A data race problem was found in sk-\u003esk_prot in the network subsystem in ipv6 in the Linux kernel. This issue occurs while some functions access critical data, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: data races around sk-\u003esk_prot",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3567"
},
{
"category": "external",
"summary": "RHBZ#2143943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3567"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=364f997b5cfe1db0d63a390fe7c801fa2b3115f6",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=364f997b5cfe1db0d63a390fe7c801fa2b3115f6"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: data races around sk-\u003esk_prot"
},
{
"cve": "CVE-2022-3619",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2022-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2154235"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in the Linux kernel\u2019s L2CAP bluetooth functionality. This issue occurs when a user generates malicious packets, triggering the l2cap_recv_acldata function. This flaw allows a local or bluetooth connection user to potentially crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3619"
},
{
"category": "external",
"summary": "RHBZ#2154235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3619",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3619"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=97097c85c088e11651146da32a4e1cdb9dfa6193"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.211918",
"url": "https://vuldb.com/?id.211918"
}
],
"release_date": "2022-10-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/268293.\n\nAlternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c"
},
{
"cve": "CVE-2022-3623",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2023-01-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2165721"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in follow_page_pte in mm/gup.c in the Linux Kernel. This issue occurs due to a race problem which can poison the page table entry and cause a denial-of-service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3623"
},
{
"category": "external",
"summary": "RHBZ#2165721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165721"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3623",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3623"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=fac35ba763ed07ba93154c95ffc0c4a55023707f"
}
],
"release_date": "2022-09-01T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry"
},
{
"cve": "CVE-2022-3625",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2144720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of service (system crash) or execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free after failed devlink reload in devlink_param_get",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3625"
},
{
"category": "external",
"summary": "RHBZ#2144720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3625"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902"
}
],
"release_date": "2022-08-09T08:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free after failed devlink reload in devlink_param_get"
},
{
"cve": "CVE-2022-3628",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-12-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150960"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: USB-accessible buffer overflow in brcmfmac",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3628"
},
{
"category": "external",
"summary": "RHBZ#2150960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3628",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3628"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c?id=6788ba8aed4e28e90f72d68a9d794e34eac17295",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c?id=6788ba8aed4e28e90f72d68a9d794e34eac17295"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/60",
"url": "https://seclists.org/oss-sec/2022/q4/60"
}
],
"release_date": "2022-10-22T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the brcmfmac module from being loaded. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: USB-accessible buffer overflow in brcmfmac"
},
{
"cve": "CVE-2022-3707",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2022-10-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137979"
}
],
"notes": [
{
"category": "description",
"text": "A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3707"
},
{
"category": "external",
"summary": "RHBZ#2137979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137979"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3707"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz@163.com/",
"url": "https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz@163.com/"
}
],
"release_date": "2022-10-07T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed"
},
{
"cve": "CVE-2022-4129",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4129"
},
{
"category": "external",
"summary": "RHBZ#2134528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4129"
}
],
"release_date": "2022-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference"
},
{
"cve": "CVE-2022-4662",
"cwe": {
"id": "CWE-455",
"name": "Non-exit on Failed Initialization"
},
"discovery_date": "2022-12-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155788"
}
],
"notes": [
{
"category": "description",
"text": "An incorrect access control flaw was found in the Linux kernel USB core subsystem. When attaching a malicious usb device, the recursive locking violation in usb-storage can cause the kernel to deadlock. This issue could allow a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Recursive locking violation in usb-storage that can cause the kernel to deadlock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "RHBZ#2155788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4662"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20220913140355.910732567@linuxfoundation.org/",
"url": "https://lore.kernel.org/all/20220913140355.910732567@linuxfoundation.org/"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com/",
"url": "https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com/"
}
],
"release_date": "2022-09-13T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Recursive locking violation in usb-storage that can cause the kernel to deadlock"
},
{
"cve": "CVE-2022-20141",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"discovery_date": "2022-08-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2114937"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s IGMP protocol in how a user triggers a race condition in the ip_check_mc_rcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-20141"
},
{
"category": "external",
"summary": "RHBZ#2114937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-20141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20141"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/igmp.c?h=v5.19\u0026id=23d2b94043ca8835bd1e67749020e839f396a1c2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/igmp.c?h=v5.19\u0026id=23d2b94043ca8835bd1e67749020e839f396a1c2"
}
],
"release_date": "2021-07-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets"
},
{
"cve": "CVE-2022-25265",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2022-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2055499"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Executable Space Protection Bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25265"
},
{
"category": "external",
"summary": "RHBZ#2055499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25265"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25265",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25265"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294",
"url": "https://github.com/torvalds/linux/blob/1c33bb0507508af24fd754dd7123bd8e997fab2f/arch/x86/include/asm/elf.h#L281-L294"
},
{
"category": "external",
"summary": "https://github.com/x0reaxeax/exec-prot-bypass",
"url": "https://github.com/x0reaxeax/exec-prot-bypass"
}
],
"release_date": "2022-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Executable Space Protection Bypass"
},
{
"cve": "CVE-2022-30594",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2085300"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag, possibly disabling seccomp.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30594"
},
{
"category": "external",
"summary": "RHBZ#2085300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085300"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30594",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30594"
}
],
"release_date": "2022-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "If ptrace is not required, ptrace can be disabled in multiple ways.\n\n 1. SELinux policy.\n\n # setsebool -P deny_ptrace on\n\n 2. Kernel sysctl.\n\n # sysctl -w kernel.yama.ptrace_scope=3\n\n Or to make persistent , create\n\n /etc/sysctl.d/99-yama-ptrace_scope.conf\n\n kernel.yama.ptrace_scope=3\n\nIf you need further assistance, see the KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option"
},
{
"cve": "CVE-2022-36879",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"discovery_date": "2022-07-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119855"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the refcount to drop twice, leading to a possible crash and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36879"
},
{
"category": "external",
"summary": "RHBZ#2119855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119855"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36879"
}
],
"release_date": "2022-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice"
},
{
"cve": "CVE-2022-39188",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2130141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in include/asm-generic/tlb.h in the Linux kernel due to a race condition (unmap_mapping_range versus munmap). This issue allows a device driver to free a page while it still has stale TLB entries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only occurs in situations with VM_PFNMAP virtual memory areas (VMAs).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-39188"
},
{
"category": "external",
"summary": "RHBZ#2130141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39188"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2329",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2329"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b67fbebd4cf980aecbcc750e1462128bffe8ae15",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b67fbebd4cf980aecbcc750e1462128bffe8ae15"
},
{
"category": "external",
"summary": "https://lore.kernel.org/stable/20220831191348.3388208-1-jannh@google.com/T/#u",
"url": "https://lore.kernel.org/stable/20220831191348.3388208-1-jannh@google.com/T/#u"
}
],
"release_date": "2022-07-06T16:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry"
},
{
"cve": "CVE-2022-39189",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-09-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x86 KVM subsystem in kvm_steal_time_set_preempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "With the current usecase, attacker need a root privileges to exploit this flaw, however there may have ways to defeat this either, but in both cases it seems that Attack Complexity is high (AC:H)",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-39189"
},
{
"category": "external",
"summary": "RHBZ#2124788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39189"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2309",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2309"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cd88243c7e03845a450795e134b488fc2afb736"
}
],
"release_date": "2022-05-30T03:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning"
},
{
"cve": "CVE-2022-41218",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-08-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2122960"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s dvb-core subsystem (DVB API used by Digital TV devices) in how a user physically removed a USB device (such as a DVB demultiplexer device) while running malicious code. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Report vmalloc UAF in dvb-core/dmxdev",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Keeping this issue Moderate because the impact is limited: only when the user uses the dvb-core module and removes the USB device triggers the attack. This kind of race condition is hard to trigger and requires several preconditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41218"
},
{
"category": "external",
"summary": "RHBZ#2122960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41218",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41218"
},
{
"category": "external",
"summary": "https://lore.kernel.org/all/20220908132754.30532-1-tiwai@suse.de/",
"url": "https://lore.kernel.org/all/20220908132754.30532-1-tiwai@suse.de/"
}
],
"release_date": "2022-09-23T08:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the module dvb-core from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Report vmalloc UAF in dvb-core/dmxdev"
},
{
"cve": "CVE-2022-41674",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134377"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel\u2019s wifi subcomponent. This flaw allows an attacker to crash the system or leak internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41674"
},
{
"category": "external",
"summary": "RHBZ#2134377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41674"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/10/13/2",
"url": "https://www.openwall.com/lists/oss-security/2022/10/13/2"
}
],
"release_date": "2022-10-13T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: u8 overflow problem in cfg80211_update_notlisted_nontrans()"
},
{
"cve": "CVE-2022-42703",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2133483"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the is_mergeable_anon_vma() function continuously forks, using memory operations to trigger an incorrect reuse of leaf anon_vma. This issue allows a local attacker to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free related to leaf anon_vma double reuse",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42703"
},
{
"category": "external",
"summary": "RHBZ#2133483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42703",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42703"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2555283eb40df89945557273121e9393ef9b542b",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2555283eb40df89945557273121e9393ef9b542b"
}
],
"release_date": "2022-10-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free related to leaf anon_vma double reuse"
},
{
"cve": "CVE-2022-42720",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134451"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in bss_ref_get in the net/wireless/scan.c in\u00a0the Linux kernel. This issue can lead to a denial of service or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in bss_ref_get in net/wireless/scan.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42720"
},
{
"category": "external",
"summary": "RHBZ#2134451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42720"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/10/13/2",
"url": "https://www.openwall.com/lists/oss-security/2022/10/13/2"
}
],
"release_date": "2022-10-13T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria, comprised of ease of use and deployment, applicability to widespread installation base, and stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in bss_ref_get in net/wireless/scan.c"
},
{
"cve": "CVE-2022-42721",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134506"
}
],
"notes": [
{
"category": "description",
"text": "A list corruption flaw was found in cfg80211_add_nontrans_list in the net/wireless/scan.c function in the Linux kernel. This flaw could lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42721"
},
{
"category": "external",
"summary": "RHBZ#2134506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42721"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/10/13/2",
"url": "https://www.openwall.com/lists/oss-security/2022/10/13/2"
}
],
"release_date": "2022-10-13T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c"
},
{
"cve": "CVE-2022-42722",
"cwe": {
"id": "CWE-705",
"name": "Incorrect Control Flow Scoping"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in P2P-Device in wifi in ieee80211_rx_h_decrypt in net/mac80211/rx.c in the Linux kernel, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Denial of service in beacon protection for P2P-device",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42722"
},
{
"category": "external",
"summary": "RHBZ#2134517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42722"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2022/10/13/2",
"url": "https://www.openwall.com/lists/oss-security/2022/10/13/2"
}
],
"release_date": "2022-10-13T10:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module mac80211 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Denial of service in beacon protection for P2P-device"
},
{
"cve": "CVE-2022-43750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151270"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write flaw in the Linux kernel\u2019s USB Monitor component was found in how a user with access to the /dev/usbmon can trigger it by an incorrect write to the memory of the usbmon. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory corruption in usbmon driver",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43750"
},
{
"category": "external",
"summary": "RHBZ#2151270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151270"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43750"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/a659daf63d16aa883be42f3f34ff84235c302198",
"url": "https://github.com/torvalds/linux/commit/a659daf63d16aa883be42f3f34ff84235c302198"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory corruption in usbmon driver"
},
{
"cve": "CVE-2022-47929",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168246"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the alloc_workqueue function return is not validated in time of failure, resulting in a system crash or leaked internal kernel information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in traffic control subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-47929"
},
{
"category": "external",
"summary": "RHBZ#2168246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-47929",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47929"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96398560f26aa07e8f2969d73c8197e6a6d10407",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96398560f26aa07e8f2969d73c8197e6a6d10407"
}
],
"release_date": "2023-01-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n```\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n```",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference in traffic control subsystem"
},
{
"cve": "CVE-2022-48695",
"discovery_date": "2024-05-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278999"
}
],
"notes": [
{
"category": "description",
"text": "A user after-free vulnerability was found in the Linux kernel in the refcount_t variable when performing the controller reset. This issue could lead to denial of service of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: scsi: mpt3sas: Fix use-after-free warning",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-48695"
},
{
"category": "external",
"summary": "RHBZ#2278999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278999"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-48695",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48695"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2024050348-CVE-2022-48695-8a9e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2024050348-CVE-2022-48695-8a9e@gregkh/T"
}
],
"release_date": "2024-05-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: scsi: mpt3sas: Fix use-after-free warning"
},
{
"acknowledgments": [
{
"names": [
"Kyle Zeng"
]
}
],
"cve": "CVE-2023-0394",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-01-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2162120"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL pointer dereference in rawv6_push_pending_frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0394"
},
{
"category": "external",
"summary": "RHBZ#2162120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162120"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0394",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0394"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2023/01/18/2",
"url": "https://www.openwall.com/lists/oss-security/2023/01/18/2"
}
],
"release_date": "2023-01-17T17:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NULL pointer dereference in rawv6_push_pending_frames"
},
{
"cve": "CVE-2023-0461",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2176192"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/ulp: use-after-free in listening ULP sockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Versions of Red Hat Enterprise Linux before 8 are not affected by this vulnerability as they did not include the upstream commit 734942c (\"tcp: ULP infrastructure\").",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0461"
},
{
"category": "external",
"summary": "RHBZ#2176192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176192"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0461"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/2c02d41d71f90a5168391b6a5f2954112ba2307c",
"url": "https://github.com/torvalds/linux/commit/2c02d41d71f90a5168391b6a5f2954112ba2307c"
}
],
"release_date": "2023-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/ulp: use-after-free in listening ULP sockets"
},
{
"cve": "CVE-2023-1095",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2173973"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s netfilter subsystem. The issue could occur due to an error in nf_tables_updtable while freeing a transaction object not placed on the list head. This flaw allows a local, unprivileged user to crash the system, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: netfilter: NULL pointer dereference in nf_tables due to zeroed list head",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1095"
},
{
"category": "external",
"summary": "RHBZ#2173973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173973"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1095",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1095"
}
],
"release_date": "2022-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by preventing the affected netfilter kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: netfilter: NULL pointer dereference in nf_tables due to zeroed list head"
},
{
"acknowledgments": [
{
"names": [
"Pumpkin (@u1f383)"
],
"organization": "DEVCORE Internship Program, and NYCU Software Security LAB"
}
],
"cve": "CVE-2023-1195",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2154171"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server-\u003ehostname to NULL, leading to an invalid pointer request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1195"
},
{
"category": "external",
"summary": "RHBZ#2154171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1195"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/153695d36ead0ccc4d0256953c751cabf673e621",
"url": "https://github.com/torvalds/linux/commit/153695d36ead0ccc4d0256953c751cabf673e621"
}
],
"release_date": "2022-10-02T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c"
},
{
"cve": "CVE-2023-1582",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2023-03-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180936"
}
],
"notes": [
{
"category": "description",
"text": "A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Soft lockup occurred during __page_mapcount",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw applies only to RHEL 8.7 kernel version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1582"
},
{
"category": "external",
"summary": "RHBZ#2180936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180936"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1582"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-mm/Yg6ac8WlwtnDH6M0@kroah.com/",
"url": "https://lore.kernel.org/linux-mm/Yg6ac8WlwtnDH6M0@kroah.com/"
}
],
"release_date": "2022-02-11T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling THP on the system.\n~~~\nHow to disable THP ? \nhttps://access.redhat.com/solutions/1320153\n~~~",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Soft lockup occurred during __page_mapcount"
},
{
"acknowledgments": [
{
"names": [
"Wei Chen"
]
}
],
"cve": "CVE-2023-2177",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2023-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187953"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference issue was found in the SCTP network protocol in net/sctp/stream_sched.c in the Linux kernel. If stream_in allocation fails, stream_out is freed, which would be accessed further. This flaw allows a local user to crash the system or potentially cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: NULL pointer dereference problem in sctp_sched_dequeue_common",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2177"
},
{
"category": "external",
"summary": "RHBZ#2187953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2177"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2177",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2177"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=181d8d2066c0",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=181d8d2066c0"
}
],
"release_date": "2022-07-25T12:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: NULL pointer dereference problem in sctp_sched_dequeue_common"
},
{
"cve": "CVE-2023-22998",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"discovery_date": "2023-03-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182429"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include the `virtio_gpu_object_shmem_init` function, introduced upstream in commit 2f2aa13 (\"drm/virtio: move virtio_gpu_mem_entry initialization to new function\").",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22998"
},
{
"category": "external",
"summary": "RHBZ#2182429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22998"
}
],
"release_date": "2023-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()"
},
{
"cve": "CVE-2023-23454",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2168297"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: slab-out-of-bounds read vulnerabilities in cbq_classify",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-23454"
},
{
"category": "external",
"summary": "RHBZ#2168297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23454"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12"
}
],
"release_date": "2023-01-01T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:43:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2736"
},
{
"category": "workaround",
"details": "The mitigation is to disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n```\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n```\nIt is also possible to prevent the affected code from being loaded by blacklisting the `cbq` kernel module. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"NFV-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"NFV-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.src",
"RT-8.8.0.GA:kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-core-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-devel-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-kvm-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64",
"RT-8.8.0.GA:kernel-rt-modules-extra-0:4.18.0-477.10.1.rt7.274.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: slab-out-of-bounds read vulnerabilities in cbq_classify"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…